Project

General

Profile

Feature #1845

MySQL Digest Authentication

Added by SandraDekkers almost 9 years ago. Updated about 1 year ago.

Status:
Fixed
Priority:
Normal
Assignee:
-
Category:
mod_auth
Target version:
Start date:
2008-12-14
Due date:
% Done:

100%

Estimated time:
Missing in 1.5.x:

Description

This patch allows lighttpd to authenticate users against MySQL using digest authentication.
(For a patch using basic auth for Lighttpd 1.4.18, see #752. But keep in mind that basic auth does not use any encryption.)

Add this to lighttpd.conf to configure the module:

#### auth module
auth.backend                    = "mysql" 
auth.backend.mysql.host         = "$db_host" 
auth.backend.mysql.user         = "$db_user" 
auth.backend.mysql.pass         = "$db_pass" 
auth.backend.mysql.db           = "$db_name" 
auth.backend.mysql.port         = "0" # (for default port 0, always needed)
auth.backend.mysql.socket       = "" # (for default leave blank, always needed)
auth.backend.mysql.users_table  = "http_digest_auth" 
auth.backend.mysql.col_user     = "username" 
auth.backend.mysql.col_pass     = "password" 
auth.backend.mysql.col_realm    = "realm" 

And to use it (same as every other auth):

auth.require = ( "/some_path" => (
    "method"  => "digest",
    "realm"   => "some_realm",
    "require" => "valid-user" 
))

Finally, create the MySQL table. The values for the "password" column can be generated using htdigest or

MD5(CONCAT(username,':',realm,':',plaintext_password))

If you already have a table containing usernames and plaintext passwords, you can simply create a view:

CREATE VIEW http_digest_auth AS
SELECT username AS username, 
       MD5(CONCAT(username,':',realm,':',plaintext_password)) AS password, 
       realm AS realm
FROM   http_basic_auth

Thanks to DrJeckyll and Taguchi for their work on #752.

lighttpd-1.4.20-mysql_digest_auth.patch (11.5 KB) lighttpd-1.4.20-mysql_digest_auth.patch MySQL Digest Authentication patch for Lighttpd 1.4.20 SandraDekkers, 2008-12-14 19:54
diff (11.5 KB) diff MySQL Digest Authentication patch for Lighttpd 1.4.21 SandraDekkers, 2009-02-21 08:52

Related issues

Related to Feature #752: mySQL authFixed

Associated revisions

Revision ae915788 (diff)
Added by gstrauss about 1 year ago

[mod_auth] mod_authn_mysql.c MySQL auth backend (fixes #752, fixes #1845)

(automatically load mod_authn_mysql with mod_auth for compatibility with
existing config usage via patches in various distros, e.g. FreeBSD)

x-ref:
"mySQL auth"
https://redmine.lighttpd.net/issues/752
"MySQL Digest Authentication"
https://redmine.lighttpd.net/issues/1845

History

#1

Updated by SandraDekkers over 8 years ago

#2

Updated by gstrauss over 1 year ago

#3

Updated by gstrauss over 1 year ago

  • Target version set to 1.4.42
#4

Updated by gstrauss about 1 year ago

  • Status changed from New to Fixed
  • % Done changed from 0 to 100

Also available in: Atom