Writing a custom Authentication method
Sometimes the standard methods just don't cut it, and that is okay. That is why this recipe gives a clear insight into how to create our own authentication method.
Getting ready
For this recipe it would be preferred if there is a web environment that has SSL enabled. Configuring such an environment is outside the scope but it would be beneficial for the execution of this recipe.
An example of an environment like this would be an Apache 2 web server with mod_ssl correctly configured. To enable the certificate verification on Apache2, one needs to place the following code in their public/.htaccess file:
# Only execute the following code when mod_ssl is # enabled <IfModule mod_ssl.c> # This means the client can present their # certificate, but it doesn't need to be verifiable # by the server SSLVerifyClient optional_no_ca # This depth means the certificate can only be self- # signed otherwise it will be denied SSLVerifyDepth 0 #...
