I ran into difficulties with getting the dbd_auth to work also. My solution was to remark it out of the config file and use mod_perl to authenticate via DBD::mysql. Sure saved me a lot of the head aches you had. But you probably don't use mod_perl. Thanks, Boysenberry boysenberrys.com | habitatlife.com | selfgnosis.com On Aug 30, 2006, at 9:38 AM, Ben wrote:
The next installment... It was time for me to add some meaningful messages to mod_authn_dbd.cHeads up to you apache developers: Try to be more imaginative when writing error messages - At least make each message unique!! There are six "Error looking up %s in database." errors in mod_autn_dbd.c - why not be a little bit more informative?Well, the good news is that I managed to get authentication working - after a new build and a couple of conf tweaks.Here is a breakdown of some of the [crit] messages - and what they appear to mean..(70023)This function has not been implemented on this platform: DBD: driver for [DBDriver unset] not available (70023)This function has not been implemented on this platform: DBD: failed to initialise---- This means that you have stuck the DBD settings inside a VirtualHost! It will pass configtest, it is (supposedly) supported, but it will fry your httpd! Rawr!Here is a breakdown of some of the [error] messages - and what they appear to mean.. "DBD: No driver for mysql" Your mysql_client_r is not linked properly! Try: ldd (apache install directory)/lib/ libaprutil-1.so | grep libmysqlclient_r "Error looking up testuser in database" One of a whole bunch of things - including no database connection "user testuser not found ..." The user is not in the table specified - (or the table doesn't exist, or the query fails... ) "user testuser: authentication failure ..." Good news! The user table / record was found - just the password was entered wrong! (or the field isn't encrypted)There is no return message saying whether or not the sql query actually worked. It would be nice for a developer to stick in a debug of the queries themselves.. (hint!) Also, LogDebug for .. dynamic library loading, function calling, sql connections, database connections, handle creation, sql query creation, the actual sql queries, the execution, an ERROR for sql error messages, LogDebug for number of records returned, the value of the password returned the and the value of the encrypted password it is trying to match - you know what LogDebug is useful for??? Debugging. (hint!) (hint!) (hint!)Also, I got a bit wobbly about which encrypt function to use.. So I tried the lot, and it turned out to be encrypt (doh)An example insert user query is: insert into users set user='test5', password=encrypt('test','test'); The conf settings that are working for me are: <VirtualHost xxxxx:80> DBDParams "dbname=client06 user=dbdauth" [........] <Directory /> AuthType Basic AuthName "Database access" AuthBasicProvider dbd Require valid-userAuthDBDUserPWQuery "select password from users where user = %s"</Directory> [........] </VirtualHost> Also - at the top of the httpd.conf file DBDriver mysql DBDPersist Off DBDMin 1 DBDKeep 1 DBDMax 1 #DBDExptime 10Now all but the first of these settings remain mysterious and magical to me - but I think I have trouble with other settings. I still don't know what causes a massive increase of active httpd threads that invariably burns the server to the ground - but hey.. here be dragons ...I am a little worried about touching anything. Eighteen hours and several levels of pain later - my keyboard dripping with the blood of ripped code - directories filled with random notes and partial files - and things work - but my confidence is in tatters.Unless the server keels over in the next few days - this adventure appears to be done!---------------------------------------------------------------------The official User-To-User support forum of the Apache HTTP Server Project.See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|