httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From KaiGai Kohei <>
Subject User/Realm order in AuthDBDUserRealmQuery (mod_authn_dbd)
Date Fri, 15 May 2009 07:42:37 GMT
I'm now trying to set up mod_authn_dbb for authentication purpose.
However, I faced to a concern for AuthDBDUserRealmQuery directive.

The example shows the query:
  AuthDBDUserRealmQuery \
      "SELECT password FROM authn WHERE user = %s AND realm = %s"

But, I would like to set up the query as follows:
  AuthDBDUserRealmQuery \
      "SELECT md5(uname || ':' || %s || ':' || upass) FROM uaccount WHERE uname = %s"
                                  ^^... to be realm                to be user ... ^^

It seems to me we have no way to put the replacement of the given
realm prior to username. Am I missing anything?

If we have no reasonable workaround, I would like to suggest a new
directive: AuthDBDRealmUserQuery which specifies a query for digest
authentication with realm and user parameters in this order?

What's your opinion?

# This is an aside. I would like to include a few additional conditions
# in the query, such as remote address and so on.
# For example, we can consider a web-user who can access via a certain
# network address (like,, described as:
# SELECT md5(password) FROM uaccount \
#     WHERE uname = %s AND unetwork >>= %s::inet;

OSS Platform Development Division, NEC
KaiGai Kohei <>

View raw message