1

My goal is to have a directory password protected, and have the usernames and passwords stored in mysql.
Having the htpasswd linked to my database using the mod_auth_mysql module looked like exactly what I needed, but when I enable the module it disables my site.
Most of the sites I've gone to regarding this are 5 or 6 years old. Is this method obsolete?
Is there another way to accomplish this?

I'm running an Snow Leopard Server on a Xserve with Apache2 and mysql5.
Thank you

3
Contributors
9
Replies
11
Views
7 Years
Discussion Span
Last Post by dizee
0

This site seems to indicate that the module "mod_authn_dbd" that is included with Apache will do what I need.
The problem is I have no idea how to configure it.
On the page it gives an example...

# mod_dbd configuration
DBDriver pgsql
DBDParams "dbname=apacheauth user=apache password=xxxxxx"

DBDMin  4
DBDKeep 8
DBDMax  20
DBDExptime 300

<Directory /usr/www/myhost/private>
  # core authentication and mod_auth_basic configuration
  # for mod_authn_dbd
  AuthType Basic
  AuthName "My Server"
  AuthBasicProvider dbd

  # core authorization configuration
  Require valid-user

  # mod_authn_dbd SQL query to authenticate a user
  AuthDBDUserPWQuery \
    "SELECT password FROM authn WHERE user = %s"
</Directory>

Where am I supposed to enter this?
Ideas?

0

Thanks for responding Pritaeas
Yes I finally figured that one out.
Now Im getting an error 500 when I go to that directory.
My error logs say ".htaccess: DBDriver not allowed here".

0

Yes, here is how my htaccess looks

# mod_dbd configuration
DBDriver mysql
DBDParams "host=10.0.1.211 port=3306 dbname=test user=root password=my_password"

DBDMin  1
DBDKeep 8
DBDMax  20
DBDExptime 300

<Directory /Subscriber/>
  # core authentication and mod_auth_basic configuration
  # for mod_authn_dbd
  AuthType Basic
  AuthName "subscriber"
  AuthBasicProvider dbd

  # core authorization configuration
  Require valid-user

  # mod_authn_dbd SQL query to authenticate a user
  AuthDBDUserPWQuery \
    "SELECT password FROM password WHERE user = %s"
</Directory>

Edited by peter_budo: Keep It Organized - For easy readability, always wrap programming code within posts in [code] (code blocks)

0

Did this code end up working for you? I am also trying to get mine working but I'm getting the same "not allowed" error in my log file.

# mod_dbd configuration
DBDriver mysql
DBDParams "host=x,dbname=x,user=x,password=x"

DBDMin  4
DBDKeep 8
DBDMax  20
DBDExptime 300

<Directory /path/to/protected>
  # core authentication and mod_auth_basic configuration
  # for mod_authn_dbd
  AuthType Basic
  AuthName "My Server"
  AuthBasicProvider dbd

  # core authorization configuration
  Require valid-user

  # mod_authn_dbd SQL query to authenticate a user
  AuthDBDUserPWQuery \
    "SELECT password FROM user WHERE email = %s"
</Directory>
0

Not exactly.
First the code goes in "httpd.conf" not .htaccess
My problem.. When I enter the code it breaks my server.
sudo apachectl configtest reveles the error...
Syntax error on line 1445 of /etc/apache2/httpd.conf:
DBD: No driver for mysql

Apparently I'm missing the apr_dbd_mysql module. So far I have not been able to get it built.

I'm back to looking at "mod_auth_mysql" seems simpler than dealing with multiple modules.
http://support.modwest.com/content/1/161/en/how-do-i-protect-a-directory-with-mod_auth_mysql.html

If you choose to work with "authn_dbd_module" you'll need to change DBDParams "host=x,dbname=x,user=x,password=x" to DBDParams "host=x,dbname=x,user=x,pass=x"

Please let me know how it works out for you.
Thanks

1

I was able to get this working using "mod_auth_mysql".
I downloaded mod_auth_mysql-3.0.0, I also had to download and run the patch "mod_auth_mysql-3.0.0-apr1x.patch" before building the module as instructed in the build instructions.
My .htaccess looks like this...

AuthName "SecretStuff"
AuthType Basic
AuthMySQLHost 127.0.0.1
AuthMySQLUser MySQL_UserName
AuthMySQLPassword MySQL_Passwd
AuthMySQLDB test
AuthMySQLUserTable user_info
AuthMySQLNameField user_name
AuthMySQLPasswordField user_passwd
AuthMySQLPwEncryption none
AuthUserFile /dev/null
AuthBasicAuthoritative Off
AuthMySQLEnable On
require valid-user

0

I wasn't able to get the "mod_authn_dbd" to work but the "mod_auth_mysql" was super easy to set up.

The problem with mod_authn_dbd was that our host (Dreamhost) wasn't allowing us to override these values. Anyway, we moved our files locally and set up mod_auth_mysql and all is well.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.