Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

mod auth mysql - syntax and config help needed

Posted on 2014-11-19
4
Medium Priority
?
312 Views
Last Modified: 2014-11-22
I have a table called htaccess which contains all of the username/passwords for remote access clients.
I dump the contents of this table into a .htpasswd file now and then to keep it updated.

Currently, I am using the standard .htaccess method with an .htpasswd file and it works just fine.
I want to use mysql to maintain and authenticate directly from instead of the .htpasswd file.

So far, no luck what so ever. When looking for information, it gets very confusing very quickly as results keep showing tons of useless syntax combinations which are wrong. I have yet to find the right syntax to put into my .htaccess file to make this work.

That is where I need help.

The server is Centos 6.5.
mysql-5.5.40
httpd-2.2.15
0
Comment
Question by:projects
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 51

Expert Comment

by:Steve Bink
ID: 40454151
@other experts: there is a previous question relevant to this.

@projects: Can you post the httpd.conf and .htaccess file you are attempting to use with mod_auth_mysql?  Just the relevant <VirtualHost> container from httpd.conf will be fine, and feel free to anonymize any sensitive information.
0
 

Author Comment

by:projects
ID: 40454237
The current VirtualHost section for this particular server is;

<VirtualHost *:80>
        ServerAdmin support@xxx.com
        DocumentRoot /var/www/vhosts/somehost/html
        ServerName somedomain.com
        ErrorLog  /var/www/vhosts/somehost/logs/error_log
        CustomLog /var/www/vhosts/somehost/logs/access_log combined
#    <Directory /var/www/vhosts/somehost/html>
#        AllowOverride AuthConfig
#    </Directory>
</VirtualHost>

<VirtualHost *:443>
            DocumentRoot "/var/www/vhosts/somehost/html"
            ServerName somedomain.com:443
            ErrorLog /var/www/vhosts/somehost/logs/ssl_error_log
            TransferLog /var/www/vhosts/somehost/logs/ssl_access_log
            LogLevel warn
            SSLEngine on
            SSLProtocol all -SSLv2
            SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

            SSLCertificateFile /etc/pki/tls/certs/somehost.crt
            SSLCertificateKeyFile /etc/pki/tls/private/somehost.key

            SetEnvIf User-Agent ".*MSIE.*" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0
#    <Directory /var/www/vhosts/somehost/html>
#        AllowOverride AuthConfig
#    </Directory>
</VirtualHost>

Open in new window


The last version of .htaccess I had was;

AuthBasicAuthoritative Off
AuthUserFile /dev/null
AuthMySQL On
AuthName "Authentication required"
AuthType Basic
Auth_MySQL_Host localhost
Auth_MySQL_User someuser
Auth_MySQL_Password somepass
AuthMySQL_DB somedb
AuthMySQL_Password_Table htaccess
Auth_MySQL_Username_Field username
Auth_MySQL_Password_Field password
Auth_MySQL_Empty_Passwords Off
Auth_MySQL_Encryption_Types PHP_MD5
Auth_MySQL_Authoritative On
require valid-user

Open in new window


I tried all kinds of things I found on the net, with and without underscroes and dashes and other things including less variables and even more variables. Nothing worked after spending a couple of hours on it so I gave up.
0
 
LVL 51

Accepted Solution

by:
Steve Bink earned 2000 total points
ID: 40457562
Unfortunately, I don't have an Apache 2.2 installation to experiment with - all of my environments have transitioned to 2.4, which does not get along well with mod_auth_mysql.  I did find a patch for mod_auth_mysql in Apache 2.4, but then I couldn't be sure my results would apply to your situation.

One thing I did find while looking around is that mod_auth_mysql is no longer supported by active development.  Since Apache now has modules for database interactivity (e.g., mod_authn_dbd), it does seem a bit superfluous.  I've never tried the *dbd authentication, but it is apparently available in Apache 2.2 as well.  Perhaps that will be a better avenue for you to try.

http://httpd.apache.org/docs/2.2/mod/mod_authn_dbd.html


Also, a sidenote about your cipher selection...  I noticed you disallowed SSLv2, but are probably still allowing SSLv3 to go through.  Consider updating that policy.  https://zmap.io/sslv3/servers.html
0
 

Author Comment

by:projects
ID: 40459590
Yes, I saw that also, about mod_auth_mysql no longer being supported so there is no value in doing it that way then. I would rather move on to the new accepted way.

Thanks, I guess this fully resolves this question really.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Containers like Docker and Rocket are getting more popular every day. In my conversations with customers, they consistently ask what containers are and how they can use them in their environment. If you’re as curious as most people, read on. . .
In this blog post, we’ll look at how ClickHouse performs in a general analytical workload using the star schema benchmark test.
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question