mod auth mysql configuration
Hello. In order to implent a tie to our user database, I have installed mod_auth_mysql. The installation is a success, however, I have a question that hopefully someone here can answer.
In order to tie in to the user database, which is on a different server, I have to have the following put into my htaccess fille:
AuthName "Moooooose"
AuthType Basic
AuthMySQLHost serverName
AuthMySQLUser user
AuthMySQLPassword password
AuthMySQLDB userDataBase
AuthMySQLUserTable userTable
AuthMySQLNameField userName
AuthMySQLPasswordField userPassword
require valid-user
This works great and ties in perfectly however, I would really prefer not to have the user name and password and even the user database structure present to users in the htaccess file. I tried moving them to the httpd.conf file (just a shot in the dark) and on configtest was told that those are not allowed in it. The README file mentions something about a config file that these can be put but I can't find one to save my life and there are no instructions about creating one. We have a lot of people that will have permissions to view an htaccess file on the server, however, they should not have any kind of permissions to the database, especially the user database, and by viewing the htaccess file they can gain these permissions. Any ideas? TIA!
|