Skip to content

tessus/mod_authnz_ibmdb2

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

125 Commits
man
man
 
 
src
src
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
ChangeLog
ChangeLog
 
 
INSTALL
INSTALL
 
 
LICENSE
LICENSE
 
 
Makefile.am
Makefile.am
 
 
README
README
 
 
autogen.sh
autogen.sh
 
 
configure.ac
configure.ac
 
 

Repository files navigation

+----------------------------------------------------------------------+
| mod_authnz_ibmdb2                                             README |
+----------------------------------------------------------------------+
| Author: Helmut K. C. Tessarek                                        |
+----------------------------------------------------------------------+
| Website: http://tessus.github.io/mod_authnz_ibmdb2                   |
+----------------------------------------------------------------------+

1) Install
2) Description of the module

+----------------------------------------------------------------------+
| 1. Install                                                           |
+----------------------------------------------------------------------+

see INSTALL

+----------------------------------------------------------------------+
| 2. Description of the module                                         |
+----------------------------------------------------------------------+

mod_authnz_ibmdb2 is an Apache authentication module using IBM DB2 as the backend database for
storing user and group information.

Here is a list of the new directives that come with the module:


AuthIBMDB2Database              database name (no default)

AuthIBMDB2Hostname              database server hostname for uncataloged databases (no default)

AuthIBMDB2Portnumber            database instance port (default: 50000)

AuthIBMDB2User                  user for connecting to the DB2 database (no default)

AuthIBMDB2Password              password for connecting to the DB2 database (no default)

AuthIBMDB2UserTable             name of the user table (no default)

AuthIBMDB2GroupTable            name of the group table (no default)

AuthIBMDB2NameField             name of the user field within the table (default: username)

AuthIBMDB2GroupField            name of the group field within the table (default: groupname)

AuthIBMDB2PasswordField         name of the password field within the table (default: password)

AuthIBMDB2CryptedPasswords      passwords are stored encrypted (default: yes)

AuthIBMDB2KeepAlive             connection kept open across requests (default: yes)

AuthIBMDB2Authoritative         lookup is authoritative (default: yes)

AuthIBMDB2NoPasswd              just check, if user is in usertable (default: no)

AuthIBMDB2UserCondition         restrict result set (no default)

AuthIBMDB2GroupCondition        restrict result set (no default)

AuthIBMDB2UserProc              stored procedure for user authentication (no default)

AuthIBMDB2GroupProc             stored procedure for group authentication (no default)

AuthIBMDB2Caching               user credentials are cached (default: off)

AuthIBMDB2GroupCaching          group information is cached (default: off)

AuthIBMDB2CacheFile             path to cache file (default: /tmp/auth_cred_cache)

AuthIBMDB2CacheLifetime         cache lifetime in seconds (default: 300)



Example how to use the module in the httpd.conf:

<Directory "/var/www/my_test_dir">
    AuthName                     "DB2 Authentication"
    AuthType                     Basic
    AuthBasicProvider            ibmdb2

    AuthIBMDB2User               db2inst1
    AuthIBMDB2Password           ibmdb2
    AuthIBMDB2Database           auth
    AuthIBMDB2UserTable          web.users
    AuthIBMDB2NameField          username
    AuthIBMDB2PasswordField      passwd

    AuthIBMDB2CryptedPasswords   On
    AuthIBMDB2KeepAlive          On
    AuthIBMDB2Authoritative      On
    AuthIBMDB2NoPasswd           Off

    AuthIBMDB2GroupTable         web.groups
    AuthIBMDB2GroupField         groupname

    #require                     valid-user
    require group                admin
    AllowOverride                None
</Directory>

or

<Directory "/var/www/my_test_dir">
    AuthName                     "DB2 Authentication"
    AuthType                     Basic
    AuthBasicProvider            ibmdb2

    AuthIBMDB2User               db2inst1
    AuthIBMDB2Password           ibmdb2
    AuthIBMDB2Database           auth
    AuthIBMDB2UserProc           user_sp
    AuthIBMDB2GroupProc          group_sp

    AuthIBMDB2Caching            On
    AuthIBMDB2GroupCaching       On

    require group                admin
    AllowOverride                None
</Directory>

where the stored procedures must have the following parameter format:

CREATE PROCEDURE user_sp  ( IN VARCHAR, OUT VARCHAR )
CREATE PROCEDURE group_sp ( IN VARCHAR )

The stored procedure for user authentication must return exactly one value -
the password. If AuthIBMDB2NoPasswd is set to yes, then the username has
to be returned instead of the password.

The stored procedure for group authentication must return an open cursor
to the resultset.

Two examples for stored procedures are given in the documentation.

About

Apache 2.2+ authentication module for IBM DB2

tessus.github.io/mod_authnz_ibmdb2

Topics

authentication authorization httpd apache-httpd db2 apache-module

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases 5

mod_authnz_ibmdb2 2.2.6 Latest
Apr 4, 2017
+ 4 releases

Languages