ApacheMySQLAuthentication » History » Revision 5
« Previous |
Revision 5/22
(diff)
| Next »
Lutz Suhrbier, 08/10/2007 08:48 PM
Apache MySQL Authentication¶
PAM-MySQL Authentication¶
Since, the package libapache2-mod-auth-mysql is currently not available, we take the recommended Debian way and use libapache2-mod-auth-pam and libpam-mysql instead.
# apt-get install libapache2-mod-auth-pam libpam-mysql
We have to configure this within Apache2. Therefore, we use our idp configuration script and change the shibboleth authentication location
<Location /shibboleth-idp/SSO> AuthName "Shibboleth IdP" AuthType Basic AuthUserFile /etc/apache2/user.db require valid-user </Location>
into the following
<Location /shibboleth-idp/SSO> AuthName "Shibboleth IdP" AuthType Basic AuthName "PAM" require valid-user </Location>
Furthermore, we have to add the user www-data to the shadow group
# adduser www-data shadow
But, the following Security advice is from the README.Debian file for the module:
SECURITY
To use with standard Debian configuration you have to add "www-data" user to
"shadow" group. Be careful! It means it can be readable by anyone who can run
its own CGI script!
The passwords are sent by net as clear text. You should use SSL to protect
them.
Now, we have to configure PAM for Apache2, to use the correct MySQL Database.
Edit /etc/pam.d/apache2 as follows
@include common-auth @include common-account account required pam_mysql.so user=webadmin passwd=secret host=160.45.63.30 db=drupal5 table=_shared_users usercolumn=name passwdcolumn=pass crypt=2
Finally, restart apache2 and see if it works.
But there is some missing information:
libapache2-mod-auth-myaql¶
apt-get install apache2-prefork-dev apache2-prefork-dev 155 apt-get -f install 156 apt-get -f install 157 apt-get install apache2-prefork-dev apache2-prefork-dev 158 cd /usr/src/ 159 mkdir auth_mysql 160 cd auth_mysql/ 161 wget http://download.nuxwin.com/apache2.2-modules/auth_mysql/mod_auth_mysql-3.0.0.tar.gz 162 tar xzf mod_auth_mysql-3.0.0.tar.gz 163 ls 164 wget http://download.nuxwin.com/apache2.2-modules/auth_mysql/patch/apache2.2.diff 165 mv apache2.2.diff mod_auth_mysql-3.0.0/ 166 cd mod_auth_mysql-3.0.0 167 patch -p0 < apache2.2.diff mod_auth_mysql.c 168 apt-get install patch 169 patch -p0 < apache2.2.diff mod_auth_mysql.c 170 apxs2 -c -L/usr/lib/mysql -I/usr/include/mysql -lmysqlclient -lm -lz mod_auth_mysql.c 171 apt-get install build-essentials 172 apxs2 -c -L/usr/lib/mysql -I/usr/include/mysql -lmysqlclient -lm -lz mod_auth_mysql.c 173 apt-get install gcc 174 apxs2 -c -L/usr/lib/mysql -I/usr/include/mysql -lmysqlclient -lm -lz mod_auth_mysql.c 175 apt-get install libmysqlclient15-dev 176 apxs2 -c -L/usr/lib/mysql -I/usr/include/mysql -lmysqlclient -lm -lz mod_auth_mysql.c 177 apxs2 -i mod_auth_mysql.la 178 echo "LoadModule mysql_auth_module /usr/lib/apache2/modules/mod_auth_mysql.so" > /etc/apache2/mods-available/auth_mysql.load 179 a2enmod auth_mysql 180 /etc/init.d/apache2 force-reload 181 /etc/init.d/apache2 force-reload 182 less /var/log/apache2/access.log 183 less /var/log/apache2/error.log 184 less /var/log/auth.log
Updated by Lutz Suhrbier over 16 years ago · 5 revisions