Debian/Ubuntu Tips and Tricks

Debuntu

Debian/Ubuntu Tips and Tricks

How-To: Apache2 authentication using MySQL backend — page 2

Posted by chantra on December 17th, 2008

This entry is part 1 of 2 in the series How-To: Apache2 authentication using MySQL backend

3. Creating users

Here we will be using sha1 password. To create a password, you can use the following command:

# echo -n 'password' | sha1sum
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 -

thus, the SHA1 encrypted version of password password is c8fed00eb2e87f1cee8e90ebbe870c190ac3848c.

Now, lets create a user foobar with password 'password' and a group it will belong to called 'foobargroup'.

mysql> USE httpauthdb;
mysql> INSERT INTO users (login, pass, firstname, lastname, email) VALUES ('foobar', 'c8fed00eb2e87f1cee8e90ebbe870c190ac3848c', 'foo', 'bar', 'foobar@example.com');
mysql> INSERT INTO groups (name) VALUES ('foobargroup');
mysql> INSERT INTO usergroup (uid, gid) VALUES (uid, gid);

Where uid and gid have to be replaced with the one created during the 2 first INSERTS.

4. Setting apache

Now, go to your site configuration edit it and add, in between your Directory tags for instance:

    ## mod auth_mysql
    AuthBasicAuthoritative Off
    AuthMYSQL on
    AuthMySQL_Authoritative on
    AuthMySQL_DB httpauthdb
    Auth_MySQL_Host localhost
    Auth_MySQL_User httpauth
    Auth_MySQL_Password httpauthpassword
    AuthMySQL_Password_Table users
    AuthMySQL_Username_Field login
    AuthMySQL_Password_Field pass
    AuthMySQL_Empty_Passwords off
    AuthMySQL_Encryption_Types SHA1Sum
    # Standard auth stuff
    AuthType Basic
    AuthName "restricted zone"
    Require valid-user

Now, after reloading apache you should be able to authenticate as user foobar with password password.

Series Navigation

5 Responses to “How-To: Apache2 authentication using MySQL backend — page 2”

  1. Just a small issue, echo "password" give a linebreak which make the sha1sum wrong.

    To have the good sha1sum, you need to add -n command to echo

    echo -n 'password' |sha1sum
    5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 -

    thus, the SHA1 encrypted version of password password is 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 and not c8fed00eb2e87f1cee8e90ebbe870c190ac3848c!

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>