mod_mya 3.0 - MySQL Authentication Module mod_mya is an Apache Web Server module allowing basic authentication data to be stored in a MySQL database thus deprecating file based configuration. Building and Installing Apache with mod_mya mod_mya is configured using the Apache 2.0 configuration system. Normally a vanilla install of Apache doesnÕt require a rebuild of the configuration system, but since mod_mya requires libraries not usually built into Apache it is necessary to rebuild the configure script using GNU autoconf. If the GNU autoconf tools are not installed on the system then they can be downloaded from a GNU distribution site, for more information check the GNU autoconf website http://www.gnu.org/software/autoconf/. Please note that GNU autoconf also requires a recent release of an m4 macro processor which can also be found at a GNU distribution site. The next step is to download the mod_mya source from http://www.synthemesc.com/ Once the package is downloaded de-archive it and move it to the Apache 2.0 modules directory. The resultant directory name should be mod_mya after de-archiving. $ mv mod_mya httpd-2.0.43/modules/mod_mya Now the Apache configuration system is ready to be rebuilt and include mod_mya. Change directory to the root level of the Apache 2.0 source and rebuild the configuration system by typing the following commands. $ ./buildconf Running the configure script with the help flag will show that mod_mya configuration macros have been assimilated into the Apache configuration system. $ ./configure --help --disable-mya MySQL authentication module --with-mysqldir=DIR MySQL directory prefix mod_mya is enabled by default once the Apache configuration has been rebuilt. If it is necessary to disable mod_mya then this may be accomplished with the --disable-mya option passed to the configure script. The --with-mysqldir=DIR will specify a non-default location to find the MySQL libraries and include files, usually located by default in /usr/local. The next step is to configure the Apache build process by running the configure script. During configuration we will see status output, the mod_mya configuration status output will look similar to the following. checking whether to enable mod_mya... yes (default) using `/usr/local' as MySQL directory prefix adding "-L/usr/local/lib/mysql" to LDFLAGS checking for mysql_init in -lmysqlclient... yes adding "-lmysqlclient" to LIBS adding "-R/usr/local/lib/mysql" to LDFLAGS adding "-I/usr/local/include/mysql" to INCLUDES If configuration fails the most likely problem is that the MySQL distribution isn't installed or is in a directory that couldn't be found, try passing --with-mysqldir=DIR to configure to specify a directory tree that MySQL is installed at. After configuration has completed the Apache web server can be compiled. Change directory to the root level of the Apache 2.0 source distribution and execute the following commands. $ make $ make install This will compile Apache 2.0 with mod_mya and install the distribution in the location specified at configuration time. The Apache 2.0 binary will contain a statically linked mod_mya module which may also statically link MySQL libraries depending on your MySQL installation. Configuring mod_mya in Apache Configure Files In order to use mod_mya with Apache Web Server server configuration blocks will need to be configured with mod_mya configuration directives described in the table below. mod_mya configuration directives can be located within <Location></Location> and <Directory></Directory> configuration blocks. mya This switch makes mod_mya active for the specified server. mya_CLIENT_COMPRESS Enables the CLIENT_COMPRESS option with a MySQL server allowing the connection data to be compressed. Using this option will likely require more cpu time and less network bandwidth. mya_CLIENT_SSL Enables the CLIENT_SSL option when communicating with a MySQL server. mya_MySQL_Database Sets the database name to use when running a query for file name translations. mya_MySQL_Table Sets the table name to use when running a query for check user id. mya_MySQL_Group_Table Sets the group table name to use when running a query for authorization checking. mya_MySQL_Username_Field Sets the name of the username field in the table specified by mya_MySQL_Table. mya_MySQL_Password_Field Sets the name of the password field in the table specified by mya_MySQL_Table. mya_MySQL_Group_Field Sets the name of the group field in the table specified by mya_MySQL_Table. mya_MySQL_Host Sets the internet hostname where the MySQL server is located at. This option is not required and defaults to localhost. mya_MySQL_Port Sets the port number to connect to when making a connection to a MySQL server. This option is not required and defaults to 0 for using a UNIX domain socket. mya_MySQL_Username Sets the username required to gain access to the MySQL server. This option is not required. mya_MySQL_Password Sets the password required to gain access to the MySQL server. This option is not required. mya_Authoritative Sets whether mod_mya will exit the request phase and not allow other authentication modules to run. mya_Encryption Sets the encryption method mod_mya will use for checking passwords, options are PlainText, Crypt (standard unix crypt()), Password (MySQL PASSWORD()), and All to attempt and match against all password encodings. An example configuration may look something like this. <VirtualHost 206.9.161.29> ServerName www.example <Directory /export/super-secret> AuthType basic AuthName "Top Secret Stuff" require valid-user mya On mya_MySQL_Database virtual_users mya_MySQL_Table virtual_users mya_MySQL_Username_Field username mya_MySQL_Password_Field password mya_Authoritative On mya_Encryption PlainText </Directory> </VirtualHost> The corresponding database schema would look like this. The username field must be identical in both virtual_users and groups tables. CREATE TABLE virtual_users ( username char(32) NOT NULL, password char(32), PRIMARY KEY (username) ); CREATE TABLE groups ( groupname char(32) NOT NULL, username char(32) NOT NULL ); INSERT INTO virtual_users VALUES ('user','password'); Additional Information mod_mya assumes that its connection to the MySQL server is persistent. If there are excessive disconnections try setting the wait_timeout variable for MySQL to a larger value. Apache Web Server 2.0 is required, and at least MySQL 3.23 is required. References mod_mya is an Apache 2.0 module using MySQL libraries, more about Apache Web Server can be found at http://www.apache.org/. Documentation regarding MySQL can be found at http://www.mysql.com/