Feature #752
mySQL auth
| Status: | New | Start: | ||
| Priority: | Normal | Due date: | ||
| Assigned to: | jan | % Done: | 0% |
|
| Category: | core | |||
| Target version: | - | |||
| Pending: | No |
Resolution: | ||
Description
This patch allows lighttpd to authenticate users against mySQL DBbr
NOTE: Only basic auth is implemented. Passwords are stored as MD5 hash in DB
br" class="external">lighttpd-1.4.11-mysql_auth.patch
lighttpd-1.4.11-mysql_auth.sql
br
tar xzvf lighttpd-1.4.11.tar.gz # (unpack source) patch -p0 < lighttpd-1.4.11-mysql_auth.patch # (apply patch) cd lighttpd-1.4.11 ./configure --with-mysql # (add more options if you want) make make install
make mysql db and user (read mySQL doc's if you don't know how)br
import lighttpd-1.4.11-mysql_auth.sql
open lighttpd.conf and addbr
(be sure that you comment out any other auth - according to lighttpd docs)
br
auth.backend = "mysql" auth.backend.mysql.host = "localhost" auth.backend.mysql.user = "db_user" auth.backend.mysql.pass = "db_pass" auth.backend.mysql.db = "db_name" auth.backend.mysql.port = "0" # (for default port 0, always needed) auth.backend.mysql.socket = "" # (for default leave blank, always needed) auth.backend.mysql.users_table = "users_table" auth.backend.mysql.col_user = "col_name_username" auth.backend.mysql.col_pass = "col_name_password" # (md5 hash of password) auth.backend.mysql.col_realm = "col_realm_name"
configure lighttpd to use it (same as every other auth)
auth.require = ( "/some_path" =>
(
"method" => "basic",
"realm" => "some_realm",
"require" => "some_user",
)
)
start lighttpd
test & Njoy
P.S. patch include more complicated setup with separate table for domains.
If you are interested please contact with me to obtain more information.
Bugs, Patches and Suggestions
Send me E-Mail: drJeckyll@Jeckyll.net
original version is located here
-- drJeckyll
History
10/14/2007 01:05 PM - Anonymous
Is there a patch to the current version 1.4.18? I tried it myself to merge the 1.4.11-patch to this version, but it didn't work...
-- johann
01/25/2008 05:15 AM - Anonymous
This patch work fine for me> johann.
But i think this patch has SQL Injection probrem.
i think it should use mysql_real_escape_string().
such as attached file.
but i think this version still has a probrem.
i think all of MySQL related lines should be in #ifdef HAVE_MYSQL ... #endif.
Sorry i could not resolve this probrem.
i read ldap related lines. i think there are many ldap line at outside ifdef. i can't understand it. sorry.
-- taguchi
01/25/2008 05:43 AM - Anonymous
Thanks for your reply. I will try the patch on this weekend (if there is time to).
If i got my lighty running with mysql-auth, ill try to add mysql_real_escape_string() but C is not even rudimental my preferred language :)
Best regards,
Johann
-- johann
03/21/2008 01:35 PM - Anonymous
Sorry, for the late response:
I tried the latest patch, but it doesnt worked for me. Patching and build was fine, but on restart after configuration, i got:
2008-03-21 14:27:37: (plugin.c.165) dlopen() failed for: /usr/lib/lighttpd/mod_auth.so /usr/lib/lighttpd/mod_auth.so: undefined symbol: mysql_query 2008-03-21 14:27:37: (server.c.621) loading plugins finally failed
The System is a Gentoo Linux with mysql installed and mysql-support in lighttpd.
Sorry, but atm i have no time to dig deeper...
-- johann
03/21/2008 02:41 PM - stbuehler
Looks like the module is not linked against mysql; so you either need to fix the Makefile.am or load the mysql-vhost module before mod_auth so mysql is already loaded
04/06/2008 05:31 PM - Anonymous
DrJeckyll's latest patch made my 1.4.19 segfault, so I've here's my version, based on the one by Taguchi.
I've also added support for digest authentication, in which the 'password' field should look like this:
MD5(CONCAT(username,':',realm,':',plaintext_password))
This is easy to use when you create a MySQL view:
CREATE VIEW digest AS SELECT username AS username, MD5(CONCAT(username,':',realm,':',password)) AS password, realm AS realm FROM auth