How to : Apache mod_auth_mysql Authentication With .htaccess

In this tutorial, I will guide you through the steps of doing Mod _Auth_MySQL authentication with the help of user login id’s and passwords stored in a MySQL database.

This type of authentication is usually good for protecting web pages and web directories from unauthentic access. It is quite similar to LDAP authentication, with the exception of database involvement here and is fast also. mod_auth_mysql is an apache module which can work with both Apache 1.x and Apache 2.x and can be installed from http://modauthmysql.sourceforge.net/ Before we continue with the directives that needs to be set in the .htaccess file, we need to know the prerequisites.

  1. There should be a line like this  “LoadModule mysql_auth_module modules/mod_auth_mysql.so”  in the httpd.conf file in your apache directory.
  2. You should have MySQL database at your backend with which the final authentication will be done.

The directives can also be places inside the httpd.conf file to reduce the round trip time to server. But the server should be restarted after doing any change in this file. Here we are using .htaccess file for authentication and no restart of apache is needed after changes.

Below are the parameters to configure that determines, how the authentication works. The can be set On/Off , can also be set as a string or an integer.

AuthName “MySQL Testing” – The Identifier or name used for the authentication.

AuthType Basic

AuthMySQLHost localhost – Set it to localhost or IP address of the machine on which Database Server is hosted

AuthMySQLDB test – The name of the Database

AuthMySQLUser <no default — NULL> – The MySQL database username.

AuthMySQLPassword <no default — NULL> – The MySQL database password

AuthMySQLUserTable user_info – The name of the DB table with username and password columns and some data.

AuthMySQLEnable On – Whether or not mysql_mod_auth should try to authenticate the user.

AuthMySQLPort <default port in MySQL> – The port on which the MySQL Server is providing its services.

AuthMySQLSocket <default socket in MySQL> – The UNIX socket which should be used to access MySQL host “localhost” on a UNIX system. The default is /tmp/mysql.sock, but this can be changed in the MySQL configuration. See the mySQL documentation for more details.

AuthMySQLNameField user_name_field – In user_info table

AuthMySQLPasswordField user_passwd_field – In user_info table

AuthMySQLUserCondition <no default> – Any condition in normal query language eg. (“user_info.user_name = user_status.user_name and user_status.status = ‘OK’”)

AuthMySQLNoPasswd Off – If or not a password is required.

AuthMySQLPwEncryption none | crypt | scrambled | md5 | aes | sha1 – Type of encryption for password field

AuthMySQLGroupTable <defaults to value of AuthMySQLUserTable>

AuthMySQLGroupCondition <no default>

AuthMySQLGroupField <no default>

AuthMySQLKeepAlive Off – Whether or not to close the connection to the MySQL server after the authentication request.

AuthMySQLAuthoritative On – Whether or not other authentication modules are called, if this module is not able to authenticate the user. If set to On no other modules will be called.

require valid-user

After setting the parameters you need to place this .htaccess file in the directory you wish to protect. You can only have one .htaccess file per directory.

For more parameters information and this module release history check http://modauthmysql.sourceforge.net/CONFIGURE