1<?xml version="1.0" encoding="ISO-8859-1"?> 2<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 3<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- 4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 5 This file is generated from xml source: DO NOT EDIT 6 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 7 --> 8<title>mod_authn_dbd - Apache HTTP Server</title> 9<link href="/style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> 10<link href="/style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> 11<link href="/style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="/style/css/prettify.css" /> 12<script src="/style/scripts/prettify.js" type="text/javascript"> 13</script> 14 15<link href="/images/favicon.ico" rel="shortcut icon" /></head> 16<body> 17<div id="page-header"> 18<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p> 19<p class="apache">Apache HTTP Server Version 2.2</p> 20<img alt="" src="/images/feather.gif" /></div> 21<div class="up"><a href="./"><img title="<-" alt="<-" src="/images/left.gif" /></a></div> 22<div id="path"> 23<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.2</a> > <a href="./">Modules</a></div> 24<div id="page-content"> 25<div id="preamble"><h1>Apache Module mod_authn_dbd</h1> 26<div class="toplang"> 27<p><span>Available Languages: </span><a href="/en/mod/mod_authn_dbd.html" title="English"> en </a></p> 28</div> 29<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>User authentication using an SQL database</td></tr> 30<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr> 31<tr><th><a href="module-dict.html#ModuleIdentifier">Module�Identifier:</a></th><td>authn_dbd_module</td></tr> 32<tr><th><a href="module-dict.html#SourceFile">Source�File:</a></th><td>mod_authn_dbd.c</td></tr> 33<tr><th><a href="module-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.1 and later</td></tr></table> 34<h3>Summary</h3> 35 36 <p>This module provides authentication front-ends such as 37 <code class="module"><a href="/mod/mod_auth_digest.html">mod_auth_digest</a></code> and <code class="module"><a href="/mod/mod_auth_basic.html">mod_auth_basic</a></code> 38 to authenticate users by looking up users in SQL tables. 39 Similar functionality is provided by, for example, 40 <code class="module"><a href="/mod/mod_authn_file.html">mod_authn_file</a></code>.</p> 41 <p>This module relies on <code class="module"><a href="/mod/mod_dbd.html">mod_dbd</a></code> to specify 42 the backend database driver and connection parameters, and 43 manage the database connections.</p> 44 45 <p>When using <code class="module"><a href="/mod/mod_auth_basic.html">mod_auth_basic</a></code> or 46 <code class="module"><a href="/mod/mod_auth_digest.html">mod_auth_digest</a></code>, this module is invoked via the 47 <code class="directive"><a href="/mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or 48 <code class="directive"><a href="/mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code> 49 with the <code>dbd</code> value.</p> 50</div> 51<div id="quickview"><h3 class="directives">Directives</h3> 52<ul id="toc"> 53<li><img alt="" src="/images/down.gif" /> <a href="#authdbduserpwquery">AuthDBDUserPWQuery</a></li> 54<li><img alt="" src="/images/down.gif" /> <a href="#authdbduserrealmquery">AuthDBDUserRealmQuery</a></li> 55</ul> 56<h3>Topics</h3> 57<ul id="topics"> 58<li><img alt="" src="/images/down.gif" /> <a href="#example">Configuration Example</a></li> 59<li><img alt="" src="/images/down.gif" /> <a href="#exposed">Exposing Login Information</a></li> 60</ul><h3>See also</h3> 61<ul class="seealso"> 62<li><code class="directive"><a href="/mod/core.html#authname">AuthName</a></code></li> 63<li><code class="directive"><a href="/mod/core.html#authtype">AuthType</a></code></li> 64<li> 65 <code class="directive"><a href="/mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> 66</li> 67<li> 68 <code class="directive"><a href="/mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code> 69</li> 70<li><code class="directive"><a href="/mod/mod_dbd.html#dbdriver">DBDriver</a></code></li> 71<li><code class="directive"><a href="/mod/mod_dbd.html#dbdparams">DBDParams</a></code></li> 72</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div> 73<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div> 74<div class="section"> 75<h2><a name="example" id="example">Configuration Example</a></h2> 76 77<p>This simple example shows use of this module in the context of 78the Authentication and DBD frameworks. Please note that you need 79to load an authorization module, such as <code class="module"><a href="/mod/mod_authz_user.html">mod_authz_user</a></code>, 80to get it working.</p> 81<div class="example"><pre> 82# mod_dbd configuration 83DBDriver pgsql 84DBDParams "dbname=apacheauth user=apache password=xxxxxx" 85 86DBDMin 4 87DBDKeep 8 88DBDMax 20 89DBDExptime 300 90 91<Directory /usr/www/myhost/private> 92 # core authentication and mod_auth_basic configuration 93 # for mod_authn_dbd 94 AuthType Basic 95 AuthName "My Server" 96 AuthBasicProvider dbd 97 98 # core authorization configuration 99 Require valid-user 100 101 # mod_authn_dbd SQL query to authenticate a user 102 AuthDBDUserPWQuery \ 103 "SELECT password FROM authn WHERE user = %s" 104</Directory> 105</pre></div> 106</div><div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div> 107<div class="section"> 108<h2><a name="exposed" id="exposed">Exposing Login Information</a></h2> 109 110<p> 111If httpd was built against <a class="glossarylink" href="/glossary.html#apr" title="see glossary">APR</a> version 1.3.0 112or higher, then whenever a query is made to the database server, all 113column values in the first row returned by the query are placed in the 114environment, using environment variables with the prefix "AUTHENTICATE_". 115</p> 116<p>If a database query for example returned the username, full name 117and telephone number of a user, a CGI program will have access to 118this information without the need to make a second independent database 119query to gather this additional information.</p> 120<p>This has the potential to dramatically simplify the coding and 121configuration required in some web applications. 122</p> 123</div> 124<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div> 125<div class="directive-section"><h2><a name="AuthDBDUserPWQuery" id="AuthDBDUserPWQuery">AuthDBDUserPWQuery</a> <a name="authdbduserpwquery" id="authdbduserpwquery">Directive</a></h2> 126<table class="directive"> 127<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>SQL query to look up a password for a user</td></tr> 128<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDBDUserPWQuery <var>query</var></code></td></tr> 129<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr> 130<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> 131<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_dbd</td></tr> 132</table> 133 <p>The <code class="directive">AuthDBDUserPWQuery</code> specifies an 134 SQL query to look up a password for a specified user. The user's ID 135 will be passed as a single string parameter when the SQL query is 136 executed. It may be referenced within the query statement using 137 a <code>%s</code> format specifier.</p> 138 <div class="example"><h3>Example</h3><pre> 139AuthDBDUserPWQuery \ 140 "SELECT password FROM authn WHERE user = %s" 141</pre></div> 142 <p>The first column value of the first row returned by the query 143 statement should be a string containing the encrypted password. 144 Subsequent rows will be ignored. If no rows are returned, the user 145 will not be authenticated through <code class="module"><a href="/mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.</p> 146 <p>If httpd was built against <a class="glossarylink" href="/glossary.html#apr" title="see glossary">APR</a> version 1.3.0 147 or higher, any additional column values in the first row returned by 148 the query statement will be stored as environment variables with 149 names of the form <code>AUTHENTICATE_<var>COLUMN</var></code>. 150 </p> 151 <p>The encrypted password format depends on which authentication 152 frontend (e.g. <code class="module"><a href="/mod/mod_auth_basic.html">mod_auth_basic</a></code> or 153 <code class="module"><a href="/mod/mod_auth_digest.html">mod_auth_digest</a></code>) is being used. See <a href="/misc/password_encryptions.html">Password Formats</a> for 154 more information.</p> 155 156</div> 157<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div> 158<div class="directive-section"><h2><a name="AuthDBDUserRealmQuery" id="AuthDBDUserRealmQuery">AuthDBDUserRealmQuery</a> <a name="authdbduserrealmquery" id="authdbduserrealmquery">Directive</a></h2> 159<table class="directive"> 160<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>SQL query to look up a password hash for a user and realm. 161</td></tr> 162<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDBDUserRealmQuery <var>query</var></code></td></tr> 163<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr> 164<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> 165<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_dbd</td></tr> 166</table> 167 <p>The <code class="directive">AuthDBDUserRealmQuery</code> specifies an 168 SQL query to look up a password for a specified user and realm in a 169 digest authentication process. 170 The user's ID and the realm, in that order, will be passed as string 171 parameters when the SQL query is executed. They may be referenced 172 within the query statement using <code>%s</code> format specifiers.</p> 173 <div class="example"><h3>Example</h3><pre> 174AuthDBDUserRealmQuery \ 175 "SELECT password FROM authn WHERE user = %s AND realm = %s" 176</pre></div> 177 <p>The first column value of the first row returned by the query 178 statement should be a string containing the encrypted password. 179 Subsequent rows will be ignored. If no rows are returned, the user 180 will not be authenticated through <code class="module"><a href="/mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.</p> 181 <p>If httpd was built against <a class="glossarylink" href="/glossary.html#apr" title="see glossary">APR</a> version 1.3.0 182 or higher, any additional column values in the first row returned by 183 the query statement will be stored as environment variables with 184 names of the form <code>AUTHENTICATE_<var>COLUMN</var></code>. 185 </p> 186 <p>The encrypted password format depends on which authentication 187 frontend (e.g. <code class="module"><a href="/mod/mod_auth_basic.html">mod_auth_basic</a></code> or 188 <code class="module"><a href="/mod/mod_auth_digest.html">mod_auth_digest</a></code>) is being used. See <a href="/misc/password_encryptions.html">Password Formats</a> for 189 more information.</p> 190 191</div> 192</div> 193<div class="bottomlang"> 194<p><span>Available Languages: </span><a href="/en/mod/mod_authn_dbd.html" title="English"> en </a></p> 195</div><div class="top"><a href="#page-header"><img src="/images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div> 196<script type="text/javascript"><!--//--><![CDATA[//><!-- 197var comments_shortname = 'httpd'; 198var comments_identifier = 'http://httpd.apache.org/docs/2.2/mod/mod_authn_dbd.html'; 199(function(w, d) { 200 if (w.location.hostname.toLowerCase() == "httpd.apache.org") { 201 d.write('<div id="comments_thread"><\/div>'); 202 var s = d.createElement('script'); 203 s.type = 'text/javascript'; 204 s.async = true; 205 s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier; 206 (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s); 207 } 208 else { 209 d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>'); 210 } 211})(window, document); 212//--><!]]></script></div><div id="footer"> 213<p class="apache">Copyright 2013 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> 214<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!-- 215if (typeof(prettyPrint) !== 'undefined') { 216 prettyPrint(); 217} 218//--><!]]></script> 219</body></html>