$Id: README,v 1.8 2006/12/31 17:08:35 tessus Exp $
Copyright (c) 2006 Helmut K. C. Tessarek written by Helmut K. C. Tessarek
http://mod-auth-ibmdb2.sourceforge.net
- Contents
- Description of the module
- File descriptions
1) Description of the module
mod_authnz_ibmdb2 is an Apache authentication module using IBM DB2 as the backend database for storing user and group information.
Here is a list of the new directives that come with the module:
AuthIBMDB2User user for connecting to the DB2 database (no default)
AuthIBMDB2Password password for connecting to the DB2 database (no default)
AuthIBMDB2Database database name (no default)
AuthIBMDB2UserTable name of the user table (no default)
AuthIBMDB2GroupTable name of the group table (no default)
AuthIBMDB2NameField name of the user field within the table (defaults to 'username')
AuthIBMDB2GroupField name of the group field within the table (defaults to 'groupname')
AuthIBMDB2PasswordField name of the password field within the table (defaults to 'password')
AuthIBMDB2CryptedPasswords passwords are stored encrypted (defaults to yes)
AuthIBMDB2KeepAlive connection kept open across requests (defaults to yes)
AuthIBMDB2Authoritative lookup is authoritative (defaults to yes)
AuthIBMDB2NoPasswd just check, if user is in usertable (defaults to no)
AuthIBMDB2UserCondition restrict result set (no default)
AuthIBMDB2GroupCondition restrict result set (no default)
AuthIBMDB2UserProc stored procedure for user authentication (no default)
AuthIBMDB2GroupProc stored procedure for group authentication (no default)
AuthIBMDB2Caching user credentials are cached (defaults to off)
AuthIBMDB2GroupCaching group information is cached (defaults to off)
AuthIBMDB2CacheFile path to cache file (defaults to /tmp/auth_cred_cache )
AuthIBMDB2CacheLifetime cache lifetime in seconds (defaults to 300)
Example how to use the module in the httpd.conf:
<Directory "/var/www/my_test_dir">
AuthName "DB2 Authentication"
AuthType Basic
AuthBasicProvider ibmdb2
AuthIBMDB2User db2inst1
AuthIBMDB2Password ibmdb2
AuthIBMDB2Database auth
AuthIBMDB2UserTable web.users
AuthIBMDB2NameField username
AuthIBMDB2PasswordField passwd
AuthIBMDB2CryptedPasswords On
AuthIBMDB2KeepAlive On
AuthIBMDB2Authoritative On
AuthIBMDB2NoPasswd Off
AuthIBMDB2GroupTable web.groups
AuthIBMDB2GroupField groupname
#require valid-user
require group admin
AllowOverride None
</Directory>
or
<Directory "/var/www/my_test_dir">
AuthName "DB2 Authentication"
AuthType Basic
AuthBasicProvider ibmdb2
AuthIBMDB2User db2inst1
AuthIBMDB2Password ibmdb2
AuthIBMDB2Database auth
AuthIBMDB2UserProc user_sp
AuthIBMDB2GroupProc group_sp
AuthIBMDB2Caching On
AuthIBMDB2GroupCaching On
require group admin
AllowOverride None
</Directory>
where the stored procedures must have the following parameter format:
CREATE PROCEDURE user_sp ( IN VARCHAR, OUT VARCHAR ) CREATE PROCEDURE group_sp ( IN VARCHAR )
The stored procedure for user authentication must return exact one value - the password. If AuthIBMDB2NoPasswd is set to yes, then the username has to be returned instead of the password.
The stored procedure for group authentication must return an open cursor to the resultset.
Two examples for stored procedures are given in the documentation.
2) File descriptions
mod_authnz_ibmdb2.c the Apache module mod_authnz_ibmdb2.h the Apache module's header file caching.h include file for caching mechanism md5_crypt.h include file for validating passwords makemod bash script to compile the module README this file INSTALL compiling and installing instructions CHANGES change log man/maninstall bash script to install the manpages