RE: Re: CGI.pm Authentication

Thanks for the link, this is a starting point. Yes, I'm using mod_perl. The reason I asked this is that I have a PHP application that authenticates via a MySQL database (a table with usernames and encrypted passwords). PHP does pretty good WWW Authentication, you can get at the supplied parameters via $PHP_AUTH_USER and $PHP_AUTH_PW (after sending a 401 header).
I already tried to use Apache::AuthDBI, but the problem is that the passwords in the database are MySQL-encrypted, and Apache::AuthDBI prefers plain text or crypt(8) passwords. Bad luck. But with that Apache->request stuff I think it can be done. I'll give it a try.

Comment on RE: Re: CGI.pm Authentication

Replies are listed 'Best First'.
RE: RE: Re: CGI.pm Authentication by httptech (Chaplain) on Jun 17, 2000 at 03:29 UTC
Why not use mod_auth_mysql? You can then use MySQL-encrypted passwords with no problem. Note that there are some quirks in mod_auth_mysql, one of which is that the Auth_MySQL_Empty_Passwords directive does the opposite of what it's supposed to. Another quirk is that usernames are compared case-insensitively. I've hacked my copy of mod_auth_mysql so that it fixes these problems (and actually adds case-insensitivity as a feature). Let me know if you want it. These things may not affect you of course, so you may not need my version.	[reply]

Replies are listed 'Best First'.

RE: RE: Re: CGI.pm Authentication
by httptech (Chaplain) on Jun 17, 2000 at 03:29 UTC

mod_auth_mysql

Note that there are some quirks in mod_auth_mysql, one of which is that the Auth_MySQL_Empty_Passwords directive does the opposite of what it's supposed to. Another quirk is that usernames are compared case-insensitively.

I've hacked my copy of mod_auth_mysql so that it fixes these problems (and actually adds case-insensitivity as a feature). Let me know if you want it. These things may not affect you of course, so you may not need my version.

[reply]