March 22, 2017

Setting Up a MySQL Based Website - Part II - page 3

Performing User Authentication via MySQL

  • January 24, 2000
  • By Andrew Chen

In the directory you wish to protect, create a .htaccess file with the following lines:

AuthName Administrators Only
AuthType Basic
require group admin

This will cause most browsers to prompt for a user name and password. In this scenario, Apache will query mySQL for authentication information. First, it will verify the user name and password match. If they do, it will check if the user is in the group "admin". If so, the user will be granted access; else, access will be denied with "Authentication Failed." Other configurations are possible with mod_auth_mysql:

AuthName Members and Administrators Only
AuthType Basic
require group user admin

In this scenario, any user in the group "user" or "admin" will be allowed in. You can define as many groups as you want within mySQL by changing the "groups" field:

AuthName Paid Members Only
AuthType Basic
require user bob steve dingo

Here we are limiting it to a list of specific users. This probably won't be used often, since you'll have people like this in a group of their own for easier management.

A Quick Conclusion
The concept of "Members Only" authentication has been around for some time. Even though the examples shown here are very small scale, mySQL is capable of serving Web sites from the smallest to some of the largest around. Possible applications could be allowing employees access to Web mail by authenticating on a company-wide mySQL server, thereby eliminating the need to create a separate user list for Apache. The possibilities are endless.

Sitemap | Contact Us