Current Path : /usr/local/apache22/share/doc/apache2/mod/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
Current File : //usr/local/apache22/share/doc/apache2/mod/mod_authn_dbd.html.en |
<?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type" /> <!-- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX This file is generated from xml source: DO NOT EDIT XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --> <title>mod_authn_dbd - Apache HTTP Server Version 2.2</title> <link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> <link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> <link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="../style/css/prettify.css" /> <script src="../style/scripts/prettify.min.js" type="text/javascript"> </script> <link href="../images/favicon.ico" rel="shortcut icon" /><link href="http://httpd.apache.org/docs/current/mod/mod_authn_dbd.html" rel="canonical" /></head> <body> <div id="page-header"> <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> <p class="apache">Apache HTTP Server Version 2.2</p> <img alt="" src="../images/feather.gif" /></div> <div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> <div id="path"> <a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.2</a> > <a href="./">Modules</a></div> <div id="page-content"> <div class="retired"><h4>Please note</h4> <p> This document refers to a legacy release (<strong>2.2</strong>) of Apache httpd. The active release (<strong>2.4</strong>) is documented <a href="http://httpd.apache.org/docs/current">here</a>. If you have not already upgraded, please follow <a href="http://httpd.apache.org/docs/current/upgrading.html">this link</a> for more information.</p> <p>You may follow <a href="http://httpd.apache.org/docs/current/mod/mod_authn_dbd.html">this link</a> to go to the current version of this document.</p></div><div id="preamble"><h1>Apache Module mod_authn_dbd</h1> <div class="toplang"> <p><span>Available Languages: </span><a href="../en/mod/mod_authn_dbd.html" title="English"> en </a></p> </div> <table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>User authentication using an SQL database</td></tr> <tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr> <tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:</a></th><td>authn_dbd_module</td></tr> <tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_authn_dbd.c</td></tr> <tr><th><a href="module-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.1 and later</td></tr></table> <h3>Summary</h3> <p>This module provides authentication front-ends such as <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> and <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> to authenticate users by looking up users in SQL tables. Similar functionality is provided by, for example, <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>.</p> <p>This module relies on <code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> to specify the backend database driver and connection parameters, and manage the database connections.</p> <p>When using <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> or <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>, this module is invoked via the <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code> with the <code>dbd</code> value.</p> </div> <div id="quickview"><h3>Topics</h3> <ul id="topics"> <li><img alt="" src="../images/down.gif" /> <a href="#example">Configuration Example</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#exposed">Exposing Login Information</a></li> </ul><h3 class="directives">Directives</h3> <ul id="toc"> <li><img alt="" src="../images/down.gif" /> <a href="#authdbduserpwquery">AuthDBDUserPWQuery</a></li> <li><img alt="" src="../images/down.gif" /> <a href="#authdbduserrealmquery">AuthDBDUserRealmQuery</a></li> </ul> <h3>See also</h3> <ul class="seealso"> <li><code class="directive"><a href="../mod/core.html#authname">AuthName</a></code></li> <li><code class="directive"><a href="../mod/core.html#authtype">AuthType</a></code></li> <li> <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> </li> <li> <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code> </li> <li><code class="directive"><a href="../mod/mod_dbd.html#dbdriver">DBDriver</a></code></li> <li><code class="directive"><a href="../mod/mod_dbd.html#dbdparams">DBDParams</a></code></li> </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div> <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> <h2><a name="example" id="example">Configuration Example</a></h2> <p>This simple example shows use of this module in the context of the Authentication and DBD frameworks. Please note that you need to load an authorization module, such as <code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code>, to get it working.</p> <div class="example"><pre># mod_dbd configuration DBDriver pgsql DBDParams "dbname=apacheauth user=apache password=xxxxxx" DBDMin 4 DBDKeep 8 DBDMax 20 DBDExptime 300 <Directory /usr/www/myhost/private> # core authentication and mod_auth_basic configuration # for mod_authn_dbd AuthType Basic AuthName "My Server" AuthBasicProvider dbd # core authorization configuration Require valid-user # mod_authn_dbd SQL query to authenticate a user AuthDBDUserPWQuery \ "SELECT password FROM authn WHERE user = %s" </Directory></pre></div> </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> <h2><a name="exposed" id="exposed">Exposing Login Information</a></h2> <p> If httpd was built against <a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a> version 1.3.0 or higher, then whenever a query is made to the database server, all column values in the first row returned by the query are placed in the environment, using environment variables with the prefix "AUTHENTICATE_". </p> <p>If a database query for example returned the username, full name and telephone number of a user, a CGI program will have access to this information without the need to make a second independent database query to gather this additional information.</p> <p>This has the potential to dramatically simplify the coding and configuration required in some web applications. </p> </div> <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="directive-section"><h2><a name="AuthDBDUserPWQuery" id="AuthDBDUserPWQuery">AuthDBDUserPWQuery</a> <a name="authdbduserpwquery" id="authdbduserpwquery">Directive</a></h2> <table class="directive"> <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>SQL query to look up a password for a user</td></tr> <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDBDUserPWQuery <var>query</var></code></td></tr> <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr> <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_dbd</td></tr> </table> <p>The <code class="directive">AuthDBDUserPWQuery</code> specifies an SQL query to look up a password for a specified user. The user's ID will be passed as a single string parameter when the SQL query is executed. It may be referenced within the query statement using a <code>%s</code> format specifier.</p> <div class="example"><h3>Example</h3><pre>AuthDBDUserPWQuery \ "SELECT password FROM authn WHERE user = %s"</pre></div> <p>The first column value of the first row returned by the query statement should be a string containing the encrypted password. Subsequent rows will be ignored. If no rows are returned, the user will not be authenticated through <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.</p> <p>If httpd was built against <a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a> version 1.3.0 or higher, any additional column values in the first row returned by the query statement will be stored as environment variables with names of the form <code>AUTHENTICATE_<var>COLUMN</var></code>. </p> <p>The encrypted password format depends on which authentication frontend (e.g. <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> or <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>) is being used. See <a href="../misc/password_encryptions.html">Password Formats</a> for more information.</p> </div> <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="directive-section"><h2><a name="AuthDBDUserRealmQuery" id="AuthDBDUserRealmQuery">AuthDBDUserRealmQuery</a> <a name="authdbduserrealmquery" id="authdbduserrealmquery">Directive</a></h2> <table class="directive"> <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>SQL query to look up a password hash for a user and realm. </td></tr> <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDBDUserRealmQuery <var>query</var></code></td></tr> <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr> <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_dbd</td></tr> </table> <p>The <code class="directive">AuthDBDUserRealmQuery</code> specifies an SQL query to look up a password for a specified user and realm in a digest authentication process. The user's ID and the realm, in that order, will be passed as string parameters when the SQL query is executed. They may be referenced within the query statement using <code>%s</code> format specifiers.</p> <div class="example"><h3>Example</h3><pre>AuthDBDUserRealmQuery \ "SELECT password FROM authn WHERE user = %s AND realm = %s"</pre></div> <p>The first column value of the first row returned by the query statement should be a string containing the encrypted password. Subsequent rows will be ignored. If no rows are returned, the user will not be authenticated through <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.</p> <p>If httpd was built against <a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a> version 1.3.0 or higher, any additional column values in the first row returned by the query statement will be stored as environment variables with names of the form <code>AUTHENTICATE_<var>COLUMN</var></code>. </p> <p>The encrypted password format depends on which authentication frontend (e.g. <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> or <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>) is being used. See <a href="../misc/password_encryptions.html">Password Formats</a> for more information.</p> </div> </div> <div class="bottomlang"> <p><span>Available Languages: </span><a href="../en/mod/mod_authn_dbd.html" title="English"> en </a></p> </div><div class="top"><a href="#page-header"><img src="../images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div> <script type="text/javascript"><!--//--><![CDATA[//><!-- var comments_shortname = 'httpd'; var comments_identifier = 'http://httpd.apache.org/docs/2.2/mod/mod_authn_dbd.html'; (function(w, d) { if (w.location.hostname.toLowerCase() == "httpd.apache.org") { d.write('<div id="comments_thread"><\/div>'); var s = d.createElement('script'); s.type = 'text/javascript'; s.async = true; s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier; (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s); } else { d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>'); } })(window, document); //--><!]]></script></div><div id="footer"> <p class="apache">Copyright 2017 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!-- if (typeof(prettyPrint) !== 'undefined') { prettyPrint(); } //--><!]]></script> </body></html>