httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ernst schoen-rene" <erns...@gmail.com>
Subject Re: [users@httpd] dbd syntax
Date Sat, 27 Dec 2008 18:46:24 GMT
Oh, one other thing that should be cleared up in the documentation.  The
example sql syntax for selecting the pass is this:

select password from users where user_id = %s

One would normally expect to have to put quotes around the %s as in:

select password from users where user_id = '%s'

but that's not the case.  It doesn't work with the quotes, only without.

On Sat, Dec 27, 2008 at 10:34 AM, ernst schoen-rene <ernstsr@gmail.com>wrote:

> I did have the mysql driver, and after many clean install attempts, I
> installed apache 2.2.11  from apache 2.2.10 without re-compiling apr or
> apr-util and bam, it worked.  My log files showed "could not connect to
> mysql server" error.  mod_dbd only began connecting when I added a socket or
> port option.  If I take that away, no connection.  My socket is
> /tmp/mysql.sock, my port is 3306, both the normal default.
>   Of course, even better than just breaking the password encryption the way
> I had to would be to allow the user to choose encryption, the way
> mod_auth_mysql did.
>
> On Sat, Dec 27, 2008 at 9:56 AM, Nick Kew <nick@webthing.com> wrote:
>
>> On Sat, 27 Dec 2008 09:10:25 -0800
>> "ernst schoen-rene" <ernstsr@gmail.com> wrote:
>>
>> > I have solved this problem.
>> > I am running fedora64 on amd64.
>> > mod_dbd with mysql simply doesn't work on my install of apache
>> > 2.2.10.  I installed 2.2.11 and it works, but there are elements that
>> > I think are under-documented or poorly documented.
>>
>> OK, that probably means your 2.2.10 didn't have the MySQL driver.
>> The actual error message there would've identified it.
>>
>> > First, the DBDParams command for mysql requires that you put in a
>> > port or a socket, even if they are the defaults.
>>
>> Um, not for anyone else I've heard of.
>>
>> >   It does not require
>> > you to put in a database name.  The DBDParams can be delimited by a
>> > number of characters including a comma, space and '|', but it doesn't
>> > mention this in the documentation.
>>
>> The documents show a format that works.  The other delimiters are a
>> freebie extra, for people who prefer them.
>>
>> > Secondly, the function in mod_authn_dbd that compares passwords
>> > compares the password your sql statement returns with an ENCRYPTED
>> > password.  It does say this once in the documentation, but all the
>> > sql examples do not indicate this.  There is no documentation about
>> > how to produce a password using the same encryption that apache
>> > uses.  I had to change the code for mod_authn_dbd to just compare
>> > unencrypted passwords.  For my application, encryption doesn't
>> > matter, and I think it's sort of silly to encrypt passwords that are
>> > transmitted in plain text anyway.  Documentation on how to produce an
>> > encrypted password in one's sql command would be useful.
>>
>> Good point: the mod_auth[nz]_dbd pages could use an additional section
>> about the database and password formats.  Contributions always welcome
>> if the regular devs don't get a round tuit!
>>
>> Another little exercise for anyone with a spare hour or two:
>> a script to convert a htpasswd or htdigest file for use with DBD.
>> Extra kudos if you do the hard bit, and make it work with all
>> the databases.
>>
>> --
>> Nick Kew
>>
>> Application Development with Apache - the Apache Modules Book
>> http://www.apachetutor.org/
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>

Mime
View raw message