My goal is to have a directory password protected, and have the usernames and passwords stored in mysql.
Having the htpasswd linked to my database using the mod_auth_mysql module looked like exactly what I needed, but when I enable the module it disables my site.
Most of the sites I've gone to regarding this are 5 or 6 years old. Is this method obsolete?
Is there another way to accomplish this?

I'm running an Snow Leopard Server on a Xserve with Apache2 and mysql5.
Thank you

Recommended Answers

looks like in the .htaccess

Jump to Post

DBDriver pgsql

shouldn't that be

DBDriver mysql

Jump to Post

Did this code end up working for you? I am also trying to get mine working but I'm getting the same "not allowed" error in my log file.

# mod_dbd configuration
DBDriver mysql
DBDParams "host=x,dbname=x,user=x,password=x"

DBDMin  4
DBDKeep 8
DBDMax  20
DBDExptime 300

<Directory /path/to/protected>
  # core …
Jump to Post

All 9 Replies

This site seems to indicate that the module "mod_authn_dbd" that is included with Apache will do what I need.
The problem is I have no idea how to configure it.
On the page it gives an example...

# mod_dbd configuration
DBDriver pgsql
DBDParams "dbname=apacheauth user=apache password=xxxxxx"

DBDMin  4
DBDKeep 8
DBDMax  20
DBDExptime 300

<Directory /usr/www/myhost/private>
  # core authentication and mod_auth_basic configuration
  # for mod_authn_dbd
  AuthType Basic
  AuthName "My Server"
  AuthBasicProvider dbd

  # core authorization configuration
  Require valid-user

  # mod_authn_dbd SQL query to authenticate a user
  AuthDBDUserPWQuery \
    "SELECT password FROM authn WHERE user = %s"
</Directory>

Where am I supposed to enter this?
Ideas?

looks like in the .htaccess

Thanks for responding Pritaeas
Yes I finally figured that one out.
Now Im getting an error 500 when I go to that directory.
My error logs say ".htaccess: DBDriver not allowed here".

DBDriver pgsql

shouldn't that be

DBDriver mysql

Yes, here is how my htaccess looks

# mod_dbd configuration
DBDriver mysql
DBDParams "host=10.0.1.211 port=3306 dbname=test user=root password=my_password"

DBDMin  1
DBDKeep 8
DBDMax  20
DBDExptime 300

<Directory /Subscriber/>
  # core authentication and mod_auth_basic configuration
  # for mod_authn_dbd
  AuthType Basic
  AuthName "subscriber"
  AuthBasicProvider dbd

  # core authorization configuration
  Require valid-user

  # mod_authn_dbd SQL query to authenticate a user
  AuthDBDUserPWQuery \
    "SELECT password FROM password WHERE user = %s"
</Directory>

Did this code end up working for you? I am also trying to get mine working but I'm getting the same "not allowed" error in my log file.

# mod_dbd configuration
DBDriver mysql
DBDParams "host=x,dbname=x,user=x,password=x"

DBDMin  4
DBDKeep 8
DBDMax  20
DBDExptime 300

<Directory /path/to/protected>
  # core authentication and mod_auth_basic configuration
  # for mod_authn_dbd
  AuthType Basic
  AuthName "My Server"
  AuthBasicProvider dbd

  # core authorization configuration
  Require valid-user

  # mod_authn_dbd SQL query to authenticate a user
  AuthDBDUserPWQuery \
    "SELECT password FROM user WHERE email = %s"
</Directory>

Not exactly.
First the code goes in "httpd.conf" not .htaccess
My problem.. When I enter the code it breaks my server.
sudo apachectl configtest reveles the error...
Syntax error on line 1445 of /etc/apache2/httpd.conf:
DBD: No driver for mysql

Apparently I'm missing the apr_dbd_mysql module. So far I have not been able to get it built.

I'm back to looking at "mod_auth_mysql" seems simpler than dealing with multiple modules.
http://support.modwest.com/content/1/161/en/how-do-i-protect-a-directory-with-mod_auth_mysql.html

If you choose to work with "authn_dbd_module" you'll need to change DBDParams "host=x,dbname=x,user=x,password=x" to DBDParams "host=x,dbname=x,user=x,pass=x"

Please let me know how it works out for you.
Thanks

I was able to get this working using "mod_auth_mysql".
I downloaded mod_auth_mysql-3.0.0, I also had to download and run the patch "mod_auth_mysql-3.0.0-apr1x.patch" before building the module as instructed in the build instructions.
My .htaccess looks like this...

AuthName "SecretStuff"
AuthType Basic
AuthMySQLHost 127.0.0.1
AuthMySQLUser MySQL_UserName
AuthMySQLPassword MySQL_Passwd
AuthMySQLDB test
AuthMySQLUserTable user_info
AuthMySQLNameField user_name
AuthMySQLPasswordField user_passwd
AuthMySQLPwEncryption none
AuthUserFile /dev/null
AuthBasicAuthoritative Off
AuthMySQLEnable On
require valid-user

I wasn't able to get the "mod_authn_dbd" to work but the "mod_auth_mysql" was super easy to set up.

The problem with mod_authn_dbd was that our host (Dreamhost) wasn't allowing us to override these values. Anyway, we moved our files locally and set up mod_auth_mysql and all is well.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of 1.21 million developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.