Ok, so it seems with Apache > 2.4 the functionality of Apache2::AuthCookieDBI can be duplicated using modules, specifically:

mod_auth_form AND mod_authn_dbd

This article gives a good writeup about it:

https://kodingnotes.wordpress.com/2013/02/26/authentication-in-apache2-4-part-1-installation/

In the config file you just need:

DBDriver mysql
DBDParams "dbname=myDB,user=root,pass=XXX"
<Location /private>
  AuthFormProvider dbd
  AuthType form
  AuthName private

  Session On
  SessionCookieName session path=/
  SessionCryptoPassphrase secret
  ErrorDocument 401 /login.html

  # mod_authz_core configuration
  Require valid-user

  # mod_authn_dbd SQL query to authenticate a user
  AuthDBDUserPWQuery "SELECT password FROM apache_user WHERE username = %s"
</Location>


Now the followup. I personally need extra dynamism, specifically I need DBDParams and SessionCookieName to be dynamic for each request. Intense googling has lead me to believe I can do so within a <Perl> block, something like:

When the user requests www.site.com/client_identifier/*anything* then the <Perl> block needs to get $client_identifier from the URI and then get $host, $database, $username, $password via:

select host, database, username, password from clients where client = $client_identifier

But I'm kind of at a bit of a loss how to accomplish this. Anyone here have any hints?

Thanks, and I hope this helps rescue people from Apache2::AuthCookieDBI

Tosh

--
McIntosh Cooey - Twelve Hundred Group LLC - http://www.1200group.com/

Reply via email to