Version 3.0.0 of mod_auth_mysql has just been released. Changes include:
- Fixed a bug when using AES encryption
- Added new parameter AuthMySQLGroupUserNameField to specify the user name field in the group table
- Changed the default include file for the crypt() function to the newer unistd.h file (the old
crypt.h file can still be included - see the instructions in the BUILD file)
- Added code to allow comparing to stored cookies
- Performance improvement. Module will no longer reselect the database if the same one is being
used for multiple requests. Note that if a second copy of the module is initialized by Apache,
we will still need to connect and select the database.
- Removed the AuthMySQLKeepAlive parameter, which doesn't work and causes problems.
mod_auth_mysql is an Apache module which allows authentication and authorization against a MySQL database. The module allows system adminstrators to keep userid, password and group infomration in a mysql database instead of a .htpasswd file. The module supports several standard encryption methods for the password, increasing security should the database be compromised. This makes management of users much easier.
The module supports standard Apache configuration options such as:
require user user1 [user2 [user3..]]
require group group1 [group2 [group3...]]
Configuration options may be placed in httpd.conf or .htaccess file, just as with the mod_auth module.
Authentication/authorization are performed throught the Apache interface, requiring no changes to existing web pages and scripts.