httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Evans <tevans...@googlemail.com>
Subject Re: [users@httpd] Using PostgreSQL auth - user permissions
Date Thu, 28 Feb 2013 17:02:37 GMT
On Thu, Feb 28, 2013 at 4:46 AM, D'Arcy J.M. Cain <darcy@vex.net> wrote:
> On Thu, 28 Feb 2013 13:04:21 +1100
> Igor Cicimov <icicimov@gmail.com> wrote:
>> > I have recently upgraded to Apache 2.4, suExec and dbd
>> > authentication with PostgreSQL.  This is on a system with multiple
>> > users.  Here is an example virtual host entry:
>> >
>> > <VirtualHost 98.158.134.24:80>
>> >     ServerName admin.occ4u.org
>> >     DocumentRoot /u/WEB/Misc/OCC_Admin
>> >     ServerAdmin webmaster@vex.net
>> >     SuexecUserGroup darcy vex
>> >
>> >     DBDriver pgsql
>> >     DBDParams "host=localhost dbname=occ user=occ"
>> >
>>
>> I think the password for the user that connects to the DB should also
>> be declared here like:
>
> I have two problems with that.  I don't know all of my user's passwords
> and I don't want to store clear text passwords in the configs.
>

I think you're going to have great difficulties getting Apache to
query a database you cannot supply the credentials for..

Can you not create a specific role user that can access each user's
DB. That way, you would not need to specify their password in the conf
file, just your role users password. The conf file can also be only
readable by root for on disk security.

Cheers

Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message