GCS Amplitude
GCS Amplitude

Apache Module mod_authn_dbd

mod_dbd configuration

UPDATED to include authentication cacheing DBDriver pgsql DBDParams "dbname=apacheauth user=apache password=xxxxxx" DBDMin 4 DBDKeep 8 DBDMax 20 DBDExptime 300

mod_authn_core and mod_auth_basic configuration

for mod_authn_dbd AuthType Basic AuthName "My Server"

To cache credentials, put socache ahead of dbd here AuthBasicProvider socache dbd

Also required for caching: tell the cache to cache dbd lookups! AuthnCacheProvideFor dbd AuthnCacheContext my-server

mod_authz_core configuration Require valid-user

mod_authn_dbd SQL query to authenticate a user AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"

This module provides authentication front-ends such as

to authenticate users by looking up users in SQL tables. Similar functionality is provided by, for example, modauthbasic

to specify the backend database driver and connection parameters, and manage the database connections.mod_dbd

, this module is invoked via the modauthdigest

to cache credentials and take most of the load off the database.modauthnsocache

This simple example shows use of this module in the context of the Authentication and DBD frameworks.

If a database query for example returned the username, full name and telephone number of a user, a CGI program will have access to this information without the need to make a second independent database query to gather this additional information.

This has the potential to dramatically simplify the coding and configuration required in some web applications.

The first column value of the first row returned by the query statement should be a string containing the encrypted password. Subsequent rows will be ignored. If no rows are returned, the user will not be authenticated through

If httpd was built against APR version 1.3.0 or higher, any additional column values in the first row returned by the query statement will be stored as environment variables with names of the form AUTHENTICATE_

The encrypted password format depends on which authentication frontend (e.g.

) is being used. See modauthdigestPassword Formats for more information.

Modules | Directives | FAQ | Glossary | Sitemap

Apache HTTP Server Version 2.4

Apache Module mod_authn_dbd

Available Languages: en | fr

Performance and Cacheing

Some users of DBD authentication in HTTPD 2.2/2.4 have reported that it imposes a problematic load on the database. This is most likely where an HTML page contains hundreds of objects (e.g. images, scripts, etc) each of which requires authentication. Users affected (or concerned) by this kind of pro

Exposing Login Information

If httpd was built against APR version 1.3.0 or higher, then whenever a query is made to the database server, all column values in the first row returned by the query are placed in the environment, using environment variables with the prefix "AUTHENTICATE_".

AuthDBDUserPWQuery Directive

The AuthDBDUserPWQuery specifies an SQL query to look up a password for a specified user. The user's ID will be passed as a single string parameter when the SQL query is executed. It may be referenced within the query statement using a %s format specifier.

AuthDBDUserRealmQuery Directive

The AuthDBDUserRealmQuery specifies an SQL query to look up a password for a specified user and realm in a digest authentication process. The user's ID and the realm, in that order, will be passed as string parameters when the SQL query is executed. They may be referenced within the query statement