Setting Up a MySQL Based Website - Part II - page 3
Performing User Authentication via MySQL
In the directory you wish to protect, create a
.htaccess file with the following lines:
require group admin
This will cause most browsers to prompt for a user name and password. In this scenario, Apache will query mySQL for authentication information. First, it will verify the user name and password match. If they do, it will check if the user is in the group "admin". If so, the user will be granted access; else, access will be denied with "Authentication Failed." Other configurations are possible with
AuthName Members and Administrators Only
require group user admin
In this scenario, any user in the group "user" or "admin" will be allowed in. You can define as many groups as you want within mySQL by changing the "groups" field:
AuthName Paid Members Only
require user bob steve dingo
Here we are limiting it to a list of specific users. This probably won't be used often, since you'll have people like this in a group of their own for easier management.
A Quick Conclusion
The concept of "Members Only" authentication has been around for some time. Even though the examples shown here are very small scale, mySQL is capable of serving Web sites from the smallest to some of the largest around. Possible applications could be allowing employees access to Web mail by authenticating on a company-wide mySQL server, thereby eliminating the need to create a separate user list for Apache. The possibilities are endless.