Using the MySQL Database for Authentication on Apache Server

ruiseixas · 11-17-2003, 08:02 AM

This is how I configure my Apache to make an Basic Authentication using MySQL database.

1. Download mod_auth_mysql from http://www.heuer.org/

2. Unpack the tgz file
# tar xvzf /downloads/mod_auth_mysql.tgz

3. Install the module using the apxs utility
# /usr/local/apache2/bin/apxs -c -i -a -L/usr/lib/mysql -lmysqlclient mod_auth_mysql.c

4. Check the file .httpd.conf for the next line
LoadModule auth_mysql_module modules/mod_auth_mysql.so

5. Create the database htpasswd in the mysql server
# mysqladmin -p create htpasswd

6. Grant select capabilities to htpasswd user
# mysql -p
mysql> use htpasswd
mysql> grant select on htpasswd.* to htpasswd@localhost
mysql> by 'secretpass';
mysql> flush privileges;
mysql> quit

7. Create and edit the tables for the htpasswd database using the htpasswd.sql script in mod_auth_mysql folder
# mysql -u root –p 'rootpass'
mysql> use htpasswd
mysql> source /downloads/mod_auth_mysql/htpasswd.sql;
mysql> insert into host_info(id,host,host_group) values
mysql> (null, “localhost”,1);
mysql> select * from host_info;
mysql> insert into user_info(id,user_name,user_passwd,host_group) values
mysql> (null,”myname”,encrypt(“mypass”),1);
mysql> select * from user_info where user_name=’myname’;
mysql> insert into user_group(id,user_name,user_group,host_group) values
mysql> (null,”myname”,’admins’,1);
mysql> select * from user_group;
mysql> quit

8. Create the next .htaccess file on the folder to secure, protect this file to be only read by Apache
# directives to the Basic Authorization

AuthType Basic
AuthName “Very Secret”

# Lines required to make a connection to the MySQL database

AuthMySQLHost localhost
AuthMySQLUser htpasswd
AuthMySQLPassword secretpass
AuthMySQLDB htpasswd

# Make MySQL authentication authoritative

AuthMySQLAuthoritative On

# Keep the connection to MySQL from client Alive

AuthMySQLKeepAlive On

# Require authorized users (if authorization made by users)

#require user myname

# Require authorized groups (my favorite)

require group admins

9. Uncomment the AccessFileName in .httpd.conf file to allow the use of .htaccess like this
#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess

Possible problems:

If you have problems on point 3, because some source files are not found, try make symbolic links of the mysql source files on the include folder of your Apache server. For example:

# ln -s /usr/include/mysql/* /usr/local/apache2/include/

If you can't make a success login its possible that exist some error on your .htaccess file or in one of the tables, read the error_log file on the logs folder present in your Apache folder installation for detect where the problem come for.

If you want to know how make a login authorization form in one HTML page like those we see on the net, I don't know how to do it.
I'm trying to find some explanation, but so far any good results.

-*- REGARDS -*-

Murpe · 03-12-2004, 10:32 PM

I have done the steps above and still can't get it working. I am running SuSe Linux Pro 9.0 w/ MySQL 4.0 and PHP 4.3.2. It seems, under the phpinfo(), that the mod_auth_mysql is loaded as a module correctly, but it just seems to skip over seeing the .htaccess I have in a directory.

Loaded modules:
core mod_access mod_auth mod_auth_anon mod_auth_dbm mod_auth_digest mod_ext_filter mod_include mod_log_config mod_env mod_mime_magic mod_cern_meta mod_expires mod_headers mod_usertrack mod_unique_id mod_setenvif mod_ssl prefork http_core mod_mime mod_dav mod_status mod_autoindex mod_asis mod_info mod_cgi mod_dav_fs mod_vhost_alias mod_negotiation mod_dir mod_imap mod_actions mod_speling mod_userdir mod_alias mod_rewrite mod_so sapi_apache2 mod_auth_mysql

Snapshot of my .htaccess file

AuthType Basic
AuthName "Authorized Access Only"
AuthMySQLHost localhost
AuthMySQLDB htpasswd
AuthMySQLAuthoritative On
AuthMySQLKeepAlive On
AuthMySQLUserTable user_auth
AuthMySQLGroupTable user_auth
AuthMySQLGroupField user_group
require group admin

-- MySQL dump 9.09
--
-- Host: localhost Database: htpasswd
-- ------------------------------------------------------
-- Server version 4.0.16

--
-- Table structure for table `user_auth`
--

CREATE TABLE user_auth (
user_name char(30) NOT NULL default '',
user_passwd char(20) NOT NULL default '',
user_group char(10) default NULL,
PRIMARY KEY (user_name)
) TYPE=MyISAM;

--
-- Dumping data for table `user_auth`
--

INSERT INTO user_auth VALUES ('myname','mypassword','admin');

Does something under the httpd.conf or elsewhere need to be altered?

Thanks.

-- M