In the documentation of apache 2.4 is mentioned, that it is possible to get additional columns from the db table when using mod_authn_dbd for authentication:
If httpd was built against APR version 1.3.0 or higher, any additional column values in the first row returned by the query statement will be stored as environment variables with names of the form AUTHENTICATE_COLUMN.
But eg the output of "phpinfo" doesn't show additional environment variables.
We use
openSUSE - 13.2 (x86_64)
apache2 - 2.4.10-28.1
libapr-util1-dbd-mysql
MySQL-Table:
CREATE TABLE IF NOT EXISTS `USERS` (
`USER` varchar(20) NOT NULL,
`PASSWORD` varchar(150) NOT NULL,
`KUNDE` varchar(20) NOT NULL,
`TIMESTAMP` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
`REMOTE_IP` varchar(15) NOT NULL,
`CLIENT_IP` varchar(15) NOT NULL,
PRIMARY KEY (`USER`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Apache configuration:
# mod_dbd configuration
DBDriver mysql
DBDParams "host=127.0.0.1 dbname=Auth port=3306 user=Auth pass=XXXXXXXX"
DBDMin 2
DBDKeep 4
DBDMax 10
DBDExptime 60
Alias /test2/ "/path/test2/"
<Directory "/path/test2/">
Options Indexes
AllowOverride All
require ip 192.168.xxx.0/24 10.xxx.xxx.0/24
</Directory>
<Directory "/path/test2/secure">
AuthType Basic
AuthName "Test"
AuthBasicProvider socache dbd
AuthnCacheProvideFor dbd
AuthnCacheContext Test
AuthnCacheTimeout 60
AuthDBDUserPWQuery "SELECT PASSWORD FROM USERS WHERE USER = %s"
</Directory>
Maybe someone could help and knows how to use it.
Thanks.
Maybe because you don't have any other columns in your query? Try for example
AuthDBDUserPWQuery "SELECT KUNDE, PASSWORD FROM USERS WHERE USER = %s"
Please also note that this approach isn't really secure because you appear to be storing plain text passwords.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.