Project

General

Profile

Feature #1845

MySQL Digest Authentication

Added by SandraDekkers over 11 years ago. Updated almost 4 years ago.

Status:
Fixed
Priority:
Normal
Category:
mod_auth
Target version:
ASK QUESTIONS IN Forums:

Description

This patch allows lighttpd to authenticate users against MySQL using digest authentication.
(For a patch using basic auth for Lighttpd 1.4.18, see #752. But keep in mind that basic auth does not use any encryption.)

Add this to lighttpd.conf to configure the module:

#### auth module
auth.backend                    = "mysql" 
auth.backend.mysql.host         = "$db_host" 
auth.backend.mysql.user         = "$db_user" 
auth.backend.mysql.pass         = "$db_pass" 
auth.backend.mysql.db           = "$db_name" 
auth.backend.mysql.port         = "0" # (for default port 0, always needed)
auth.backend.mysql.socket       = "" # (for default leave blank, always needed)
auth.backend.mysql.users_table  = "http_digest_auth" 
auth.backend.mysql.col_user     = "username" 
auth.backend.mysql.col_pass     = "password" 
auth.backend.mysql.col_realm    = "realm" 

And to use it (same as every other auth):

auth.require = ( "/some_path" => (
    "method"  => "digest",
    "realm"   => "some_realm",
    "require" => "valid-user" 
))

Finally, create the MySQL table. The values for the "password" column can be generated using htdigest or

MD5(CONCAT(username,':',realm,':',plaintext_password))

If you already have a table containing usernames and plaintext passwords, you can simply create a view:

CREATE VIEW http_digest_auth AS
SELECT username AS username, 
       MD5(CONCAT(username,':',realm,':',plaintext_password)) AS password, 
       realm AS realm
FROM   http_basic_auth

Thanks to DrJeckyll and Taguchi for their work on #752.


Files

lighttpd-1.4.20-mysql_digest_auth.patch (11.5 KB) lighttpd-1.4.20-mysql_digest_auth.patch MySQL Digest Authentication patch for Lighttpd 1.4.20 SandraDekkers, 2008-12-14 19:54
diff (11.5 KB) diff MySQL Digest Authentication patch for Lighttpd 1.4.21 SandraDekkers, 2009-02-21 08:52

Related issues

Related to Feature #752: mySQL authFixedActions
#1

Updated by SandraDekkers over 11 years ago

#2

Updated by gstrauss about 4 years ago

#3

Updated by gstrauss almost 4 years ago

  • Target version set to 1.4.42
#4

Updated by gstrauss almost 4 years ago

  • Status changed from New to Fixed
  • % Done changed from 0 to 100

Also available in: Atom