I'm having a problem setting up modauthmysql on a RedHat box.
I'm using RHEL4 with the "httpd-2.0.52-28.ent" and "mod_auth_mysql-2.6.1-2.2" packages.
Problem is, whenever I try to connect to a page which needs authentication i get this error in httpd's log :
----------
[Thu Nov 30 10:41:31 2006] [error] [client xx.xx.xx.xx] MySQL ERROR: Access denied for user 'apache'@'localhost' (using password: YES)
[Thu Nov 30 10:41:31 2006] [error] [client xx.xx.xx.xx] MySQL user admin not found: /whatever/
----------
I can login in Mysql with user apache@localhost just fine (even with the apache system user) :
----------
root@machine:/ # su -s /bin/zsh - apache
apache@machine:/var/www $ mysql -u apache -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 32 to server version: 4.1.20
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql>
----------
"show grants;" command confirms I'm logged in as "apache@localhost" with various grants.
I also tried building mod_auth_mysql from sources with the same results. I can't find any more infos than "access denied" in MySQL logs.
I tried using another socket file and TCP connection, same problem. Tried connecting to a remote MySQL5 database (which works with another (debian) mod_auth_mysql), same problem.
I think I tried everything I could think of, so if anyone has a clue...
Thanks
T.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I'm not sure what the "mod_auth_mysql-2.6.1-2.2" package" is. We do have a 2.6.1 package, but I don't know what the 2.2 would be. But building it from source should work OK.
The "Access denied" message indicates your user is not able to log in. When you say you can log in with apache@localhost, are you saying you can go to a command line (i.e. telnet/ssh) on the server and issue
mysql -u apache -p
then enter your password on the server and it will log in?
Also, is it possible you have the development libs from an older version of MySQL which you are compiling/linking against? There was a change in MySQL 4.1's handling of password, and compiling/linking against an older version will give this problem.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2006-12-06
2.2 may be the "version" of the build (meaning the package is indeed v2.6.1 and has been built a number of times maybe with differents parameters), gotta check to be certain (I'm not quite used to RH yet).
For the "login in mysql" part, I meant ssh-ing and logging in command line (see the part in the first post where I can get the user prompt in mysql)
I tried compiling it with various libs and also tried with old_password on and off in mysqld config.
Anyways, switching to CAS auth soon, so don't worry to much :)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I encounter the very same problem, but on a SuSE 10.0 box. My Apache version is 2.0.54-10 and I'm using the apache2_mod_auth_mysql version 2.8.1-5. Any time I try to log in from a page protected by a .htaccess file, I get an error entry in httpd's logs:
Access denied for user 'test'@'localhost' (using password: YES)
MySQL user test not found: ...
I also tried compiling from sources to get the module going and I tried many different ways in setting up the .htaccess file. I placed a script to see what is transferred from the login dialogue and everything seems to be fine. I just can't get the module working, any user (on any machine in the network) is not found.
I would appreciate any hint what to do to get the module working.
Thanks,
H.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I was off some time, so I could not reply earlier.
I do not do anything special either. I also thought, that there is something wrong with the userid/password combination. I entered some users, some using password encryption, some not. I used different DBs and tables. But it did not work.
The server is a remote one: A SuSE 10.0 linux machine and I try to access from a Windows XP box. Doesn't work. If I ssh to my Linux machine, I can lo onto MySQL without problems.
I also tried different settings in my .htaccess file. The last one is rather basic:
AuthName "Test"
AuthType Basic
AuthMySQLHost localhost
AuthMySQLDB Users
AuthMySQLUserTable users
AuthMySQLEnable On
require User Test
I've got some php scripts on the linux box that access MySQL without any problems. If I try the very same user on the .htaccess file it doesn't work.
Bhenry
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
That's not the same thing. SSH gets you to a command line on the machine itself, where you are logging on to mysql locally. But your authorization is using a remote connection.
You can load the MySQL client on your Windows XP box. You need to ensure you can access MySQL remotely with the userid and password you are using. I suspect you cannot.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
An easy way to check if your setup is working is to turn on logging in mysql to see every single db connection. Be careful when doing this as it will grow your log file quickly!
Turn the setting off when you are done.
You'll need to unhash this line in your my.cnf
#log = /var/log/mysql.log
Then restart your mysql server and tail -f "/var/log/mysql.log" log to see if you are connecting.
If it is working you'll see something like this.
8 Connect root@localhost on apache_auth
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project_admin',groups)
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project_admin',groups)
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project_admin',groups)
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project_admin',groups)
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project_admin',groups)
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project_admin',groups)
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project
You will see your auth database in the log.
I think your problem is your config.
I am running ubuntu dapper and I had to use the following.
EXAMPLE CONFIG:
#
# TEST DIRECTORY - MYSQL AUTH
#
Alias /projects /var/www/webdav/
<Directory /var/www/webdav>
DAV On
DavMinTimeout 600
Options -All +FollowSymlinks +Indexes
AuthMYSQL on
AuthMySQL_Authoritative on
AuthMySQL_Password_Table clients
AuthMySQL_Group_Table clients
AuthMySQL_Empty_Passwords off
AuthName "Project Server"
AuthType Basic
LimitXMLRequestBody 1000000
DAVDepthInfinity off
<Limit GET PUT POST PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK DELETE>
AuthMySQL_DB apache_auth
AuthMySQL_Encryption_Types Plaintext Crypt_DES
Require user admin
</Limit>
<Limit GET PROPFIND COPY>
AuthMySQL_DB apache_auth
AuthMySQL_Encryption_Types Plaintext Crypt_DES
Require user user
</Limit>
</Directory>
I also had to put the connection details in my apache.conf
Auth_MySQL_Info database_name dbuser password
and it's working for me.
Hope you come right, otherwise contact me at winston.nolan@gmail.com and we can negotiate a fee. I'll have you running in no time.
Bye
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
We don't recommend enabling the log file because it not only grows very quickly, it is a security risk (logons are logged with userid/password in clear text). Additionally, all it would tell us is that the logon failed, which we already know.
As for your configuration - AuthMySQL_Authoritative is not valid for this version of mod_auth_mysql. Ours does not use underscores in the command. And some, like AuthMySQL_Empty_Passwords and Auth_MySQL_Info are not valid, with or without the underscores. I believe you are using someone else's version of mod_auth_mysql.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi,
I'm having a problem setting up modauthmysql on a RedHat box.
I'm using RHEL4 with the "httpd-2.0.52-28.ent" and "mod_auth_mysql-2.6.1-2.2" packages.
Problem is, whenever I try to connect to a page which needs authentication i get this error in httpd's log :
----------
[Thu Nov 30 10:41:31 2006] [error] [client xx.xx.xx.xx] MySQL ERROR: Access denied for user 'apache'@'localhost' (using password: YES)
[Thu Nov 30 10:41:31 2006] [error] [client xx.xx.xx.xx] MySQL user admin not found: /whatever/
----------
I can login in Mysql with user apache@localhost just fine (even with the apache system user) :
----------
root@machine:/ # su -s /bin/zsh - apache
apache@machine:/var/www $ mysql -u apache -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 32 to server version: 4.1.20
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql>
----------
"show grants;" command confirms I'm logged in as "apache@localhost" with various grants.
Here's the apache configuration :
----------
<VirtualHost *:443>
[...]
<Directory /var/www/html/whatever>
AuthMySQLEnable on
AuthMySQLHost localhost
AuthMySQLUser apache
AuthMySQLPassword toto
AuthMySQLDB adresseinno
AuthMySQLUserTable users
AuthMySQLPassword users
AuthMySQLGroupTable users
AuthMySQLNameField username
AuthMySQLPasswordField password
AuthMySQLGroupField gid
AuthMySQLKeepAlive Off
AuthType Basic
AuthName Vdesk
require valid-user
</Directory>
</VirtualHost>
----------
I also tried building mod_auth_mysql from sources with the same results. I can't find any more infos than "access denied" in MySQL logs.
I tried using another socket file and TCP connection, same problem. Tried connecting to a remote MySQL5 database (which works with another (debian) mod_auth_mysql), same problem.
I think I tried everything I could think of, so if anyone has a clue...
Thanks
T.
Hi, Thomas,
I'm not sure what the "mod_auth_mysql-2.6.1-2.2" package" is. We do have a 2.6.1 package, but I don't know what the 2.2 would be. But building it from source should work OK.
The "Access denied" message indicates your user is not able to log in. When you say you can log in with apache@localhost, are you saying you can go to a command line (i.e. telnet/ssh) on the server and issue
mysql -u apache -p
then enter your password on the server and it will log in?
Also, is it possible you have the development libs from an older version of MySQL which you are compiling/linking against? There was a change in MySQL 4.1's handling of password, and compiling/linking against an older version will give this problem.
2.2 may be the "version" of the build (meaning the package is indeed v2.6.1 and has been built a number of times maybe with differents parameters), gotta check to be certain (I'm not quite used to RH yet).
For the "login in mysql" part, I meant ssh-ing and logging in command line (see the part in the first post where I can get the user prompt in mysql)
I tried compiling it with various libs and also tried with old_password on and off in mysqld config.
Anyways, switching to CAS auth soon, so don't worry to much :)
Hi,
I encounter the very same problem, but on a SuSE 10.0 box. My Apache version is 2.0.54-10 and I'm using the apache2_mod_auth_mysql version 2.8.1-5. Any time I try to log in from a page protected by a .htaccess file, I get an error entry in httpd's logs:
Access denied for user 'test'@'localhost' (using password: YES)
MySQL user test not found: ...
I also tried compiling from sources to get the module going and I tried many different ways in setting up the .htaccess file. I placed a script to see what is transferred from the login dialogue and everything seems to be fine. I just can't get the module working, any user (on any machine in the network) is not found.
I would appreciate any hint what to do to get the module working.
Thanks,
H.
Bhenry,
This message indicates the userid/password combination is incorrect.
We don't do anything special here. We just take what you have in the AuthMySQLUser and AuthMySQL Password entries and pass them on.
Is this a local server or a remote one? And are you sure the user *from the computer Apache is running in* is authorized to access mysql?
Can you telnet or ssh to this system and log onto MySQL with the parameters you have in your .htaccess file?
What do you have in your .htaccess file (other than the real userid/password, of course)?
Jerry
Hi Jerry,
I was off some time, so I could not reply earlier.
I do not do anything special either. I also thought, that there is something wrong with the userid/password combination. I entered some users, some using password encryption, some not. I used different DBs and tables. But it did not work.
The server is a remote one: A SuSE 10.0 linux machine and I try to access from a Windows XP box. Doesn't work. If I ssh to my Linux machine, I can lo onto MySQL without problems.
I also tried different settings in my .htaccess file. The last one is rather basic:
AuthName "Test"
AuthType Basic
AuthMySQLHost localhost
AuthMySQLDB Users
AuthMySQLUserTable users
AuthMySQLEnable On
require User Test
I've got some php scripts on the linux box that access MySQL without any problems. If I try the very same user on the .htaccess file it doesn't work.
Bhenry
The first question is - can you access the remote from a mysql command line on your XP box? I suspect that is not possible with your current setup.
Sorry, I only have an ssh connection to the remote and no other mysql command line on my XP box. Using ssh I can log onto mysql without any problems.
That's not the same thing. SSH gets you to a command line on the machine itself, where you are logging on to mysql locally. But your authorization is using a remote connection.
You can load the MySQL client on your Windows XP box. You need to ensure you can access MySQL remotely with the userid and password you are using. I suspect you cannot.
Hi guys,
An easy way to check if your setup is working is to turn on logging in mysql to see every single db connection. Be careful when doing this as it will grow your log file quickly!
Turn the setting off when you are done.
You'll need to unhash this line in your my.cnf
#log = /var/log/mysql.log
Then restart your mysql server and tail -f "/var/log/mysql.log" log to see if you are connecting.
If it is working you'll see something like this.
8 Connect root@localhost on apache_auth
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project_admin',groups)
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project_admin',groups)
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project_admin',groups)
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project_admin',groups)
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project_admin',groups)
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project_admin',groups)
8 Query SELECT passwd FROM clients WHERE username='project_admin1'
8 Query SELECT count(*) FROM clients WHERE username='project_admin1' and FIND_IN_SET('project
You will see your auth database in the log.
I think your problem is your config.
I am running ubuntu dapper and I had to use the following.
EXAMPLE CONFIG:
#
# TEST DIRECTORY - MYSQL AUTH
#
Alias /projects /var/www/webdav/
<Directory /var/www/webdav>
DAV On
DavMinTimeout 600
Options -All +FollowSymlinks +Indexes
AuthMYSQL on
AuthMySQL_Authoritative on
AuthMySQL_Password_Table clients
AuthMySQL_Group_Table clients
AuthMySQL_Empty_Passwords off
AuthName "Project Server"
AuthType Basic
LimitXMLRequestBody 1000000
DAVDepthInfinity off
<Limit GET PUT POST PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK DELETE>
AuthMySQL_DB apache_auth
AuthMySQL_Encryption_Types Plaintext Crypt_DES
Require user admin
</Limit>
<Limit GET PROPFIND COPY>
AuthMySQL_DB apache_auth
AuthMySQL_Encryption_Types Plaintext Crypt_DES
Require user user
</Limit>
</Directory>
I also had to put the connection details in my apache.conf
Auth_MySQL_Info database_name dbuser password
and it's working for me.
Hope you come right, otherwise contact me at winston.nolan@gmail.com and we can negotiate a fee. I'll have you running in no time.
Bye
Winston,
We don't recommend enabling the log file because it not only grows very quickly, it is a security risk (logons are logged with userid/password in clear text). Additionally, all it would tell us is that the logon failed, which we already know.
As for your configuration - AuthMySQL_Authoritative is not valid for this version of mod_auth_mysql. Ours does not use underscores in the command. And some, like AuthMySQL_Empty_Passwords and Auth_MySQL_Info are not valid, with or without the underscores. I believe you are using someone else's version of mod_auth_mysql.
Hi Jerry,
you are right, I can't connect to MySQL from the command line of my XP box. Seems to be some configuration problem with my MySQL server, then.
Thank you very much for your help and patience.
Bhenry