https://github.com/tessus/mod_authnz_ibmdb2

Apache 2.2+ authentication module for IBM DB2
https://github.com/tessus/mod_authnz_ibmdb2

apache-httpd apache-module authentication authorization db2 httpd

Last synced: about 1 month ago
JSON representation

Apache 2.2+ authentication module for IBM DB2

• Host: GitHub
• URL: https://github.com/tessus/mod_authnz_ibmdb2
• Owner: tessus
• License: apache-2.0
• Created: 2013-12-21T09:43:49.000Z (almost 11 years ago)
• Default Branch: master
• Last Pushed: 2023-02-15T22:34:21.000Z (almost 2 years ago)
• Last Synced: 2024-05-01T12:51:36.851Z (7 months ago)
• Topics: apache-httpd, apache-module, authentication, authorization, db2, httpd
• Language: C
• Homepage: http://tessus.github.io/mod_authnz_ibmdb2
• Size: 194 KB
• Stars: 0
• Watchers: 3
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README
  • Changelog: ChangeLog
  • License: LICENSE

Awesome Lists containing this project

README

        
+----------------------------------------------------------------------+

| mod_authnz_ibmdb2                                             README |

+----------------------------------------------------------------------+

| Author: Helmut K. C. Tessarek                                        |

+----------------------------------------------------------------------+

| Website: http://tessus.github.io/mod_authnz_ibmdb2                   |

+----------------------------------------------------------------------+

1) Install

2) Description of the module

+----------------------------------------------------------------------+

| 1. Install                                                           |

+----------------------------------------------------------------------+

see INSTALL

+----------------------------------------------------------------------+

| 2. Description of the module                                         |

+----------------------------------------------------------------------+

mod_authnz_ibmdb2 is an Apache authentication module using IBM DB2 as the backend database for

storing user and group information.

Here is a list of the new directives that come with the module:

AuthIBMDB2Database              database name (no default)

AuthIBMDB2Hostname              database server hostname for uncataloged databases (no default)

AuthIBMDB2Portnumber            database instance port (default: 50000)

AuthIBMDB2User                  user for connecting to the DB2 database (no default)

AuthIBMDB2Password              password for connecting to the DB2 database (no default)

AuthIBMDB2UserTable             name of the user table (no default)

AuthIBMDB2GroupTable            name of the group table (no default)

AuthIBMDB2NameField             name of the user field within the table (default: username)

AuthIBMDB2GroupField            name of the group field within the table (default: groupname)

AuthIBMDB2PasswordField         name of the password field within the table (default: password)

AuthIBMDB2CryptedPasswords      passwords are stored encrypted (default: yes)

AuthIBMDB2KeepAlive             connection kept open across requests (default: yes)

AuthIBMDB2Authoritative         lookup is authoritative (default: yes)

AuthIBMDB2NoPasswd              just check, if user is in usertable (default: no)

AuthIBMDB2UserCondition         restrict result set (no default)

AuthIBMDB2GroupCondition        restrict result set (no default)

AuthIBMDB2UserProc              stored procedure for user authentication (no default)

AuthIBMDB2GroupProc             stored procedure for group authentication (no default)

AuthIBMDB2Caching               user credentials are cached (default: off)

AuthIBMDB2GroupCaching          group information is cached (default: off)

AuthIBMDB2CacheFile             path to cache file (default: /tmp/auth_cred_cache)

AuthIBMDB2CacheLifetime         cache lifetime in seconds (default: 300)

Example how to use the module in the httpd.conf:

    AuthName                     "DB2 Authentication"

    AuthType                     Basic

    AuthBasicProvider            ibmdb2

    AuthIBMDB2User               db2inst1

    AuthIBMDB2Password           ibmdb2

    AuthIBMDB2Database           auth

    AuthIBMDB2UserTable          web.users

    AuthIBMDB2NameField          username

    AuthIBMDB2PasswordField      passwd

    AuthIBMDB2CryptedPasswords   On

    AuthIBMDB2KeepAlive          On

    AuthIBMDB2Authoritative      On

    AuthIBMDB2NoPasswd           Off

    AuthIBMDB2GroupTable         web.groups

    AuthIBMDB2GroupField         groupname

    #require                     valid-user

    require group                admin

    AllowOverride                None

or

    AuthName                     "DB2 Authentication"

    AuthType                     Basic

    AuthBasicProvider            ibmdb2

    AuthIBMDB2User               db2inst1

    AuthIBMDB2Password           ibmdb2

    AuthIBMDB2Database           auth

    AuthIBMDB2UserProc           user_sp

    AuthIBMDB2GroupProc          group_sp

    AuthIBMDB2Caching            On

    AuthIBMDB2GroupCaching       On

    require group                admin

    AllowOverride                None

where the stored procedures must have the following parameter format:

CREATE PROCEDURE user_sp  ( IN VARCHAR, OUT VARCHAR )

CREATE PROCEDURE group_sp ( IN VARCHAR )

The stored procedure for user authentication must return exactly one value -

the password. If AuthIBMDB2NoPasswd is set to yes, then the username has

to be returned instead of the password.

The stored procedure for group authentication must return an open cursor

to the resultset.

Two examples for stored procedures are given in the documentation.