I have recently created an intranet site for 30 users. The web server is an APACHE server, residing on a linux box.
The users are authenticated onto the site using PKI authentication. I would like parts of the site where only certain users may access. I do not want to use a username/password route. I originally created a .htaccess file, with the names of the 10 authorised users:

SSLRequire %{SSL_CLIENT_S_DN_CN} in {"bobsmith", "tomsmith", "paulsmith",etc etc}

However there seems to be problems with this (works fine when the user list is on 1 line, but does not work when there are multiple lines?) and it does not seem practical. Is there are more efficient route? What I would like is to gain the DN credentials from the client certificate and compare against a named user list. Sounds simple!

Any advice would be appreciated

Thanks