Without any patches turning off AuthMySQL_Authoritative and doing AuthMySQL_Where solved the problem completely.
Apache2 and mysql authorization
-
28-06-2023 - |
Question
I'm trying to setup authorization on apache2 on Ubuntu 14.04 using MySQL.
.htaccess:
AuthName "restricted area"
AuthType Basic
AuthBasicAuthoritative Off
AuthUserFile /dev/null
AuthMySQL On
AuthMySQL_Authoritative on
AuthMySQL_Host 10.30.200.1
AuthMySQL_Username name
AuthMySQL_Password pass
AuthMySQL_DB db
AuthMySQL_Password_Table access
AuthMySQL_Username_Field user
AuthMySQL_Password_Field password
AuthMySQL_Encryption_Types PHP_MD5
AuthMySQL_Empty_Passwords Off
Require valid-user
If credentials is right I receive 401 error and "[:error] [pid 1763] No requires line available" in error.log. Else - just 401.
What am I doing wrong?
Solution 2
OTHER TIPS
Had the exact same problem on the same versions.
Setting the following on the .htaccess
, did the trick for me:
set AuthMySQL_Authoritative Off
The error message comes from the mod-auth-mysql module itself. I downloaded the source and took a look in the mod_auth_mysql.c file
With the function mysql_check_auth() near the end of the file you can find this:
if (!reqs_arr) {
if (sec->authoritative) {
APACHELOG(APLOG_ERR, r, "No requires line available");
return HTTP_UNAUTHORIZED;
} else {
return DECLINED;
}
}
After some research i found this site and the following patch:
http://ehealth-aussie.blogspot.de/2013/07/compiling-modauthmysqlso-under-mountain.html
http://sourceforge.net/p/modauthmysql/patches/13/
But the ubuntu/debian module is based on version 2.2.0 and not 3.0.0.
Also parts of the patch are already included:
mod-auth-mysql_4.3.9-13.1ubuntu3.diff.gz
// EDIT
First you must set AuthMySQL_Authoritative Off in order to let handle mod_authz_user the requires, like valid-user.
If you want to check the group via mod-auth-mysql a simple fix is moving the user and group requirements in the AuthMySQL_Where declaration because ap_requires does not exist anymore and the patch sets it to Null:
require group g1 g2
This becomes:
AuthMySQL_Where "AND user_group IN ('g1', 'g2')"