Hi, I have an apache http server (httpd-2.4) which is configured for SSL Client Auth. At the moment I extract the username from SSL_CLIENT_S_DN and set a new request header containing the username which is forwarded to a backend application. What I would like to do is before the request is sent to the backend application, either call active directory or a bespoke service, either of which would return information about that user before populating the header(s) and forwarding the request to the original intended target application. I am not sure of this is possible. I can't seem to find a way of using mod_ssl and mod_authnz_ldap together. If I did use my own bespoke service/application to do the AD lookup, is Apache web server able to maintain state between the calls? Any comments/advice greatly appreciated! Thanks