Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Dynamic Apache authentication via PHP

Tags:

authentication

php

apache

.htaccess

webdav

I would like to implement a dynamic authentication process using Apache and PHP. My current project is break into two parts:

  1. I have a classic LAMP project running, where users already have a login/password that I use to grant them access to different part of my system.

  2. Some documents (Text, Office, ...) are hosted on a separate DAV server (same server but different domains) and users may edit them directely from their Office program (Word, Excel ...) using Dav/ActiveX/IE combination.

I would like to allow the users registered on my first system to use different DAV method based on their current right (stored in the DB)

For example, Mr X may have access to document A with PUT/GET method, but no access to document B.

I generally solve this kind of problem by using a PHP authentication, but, as far as I know, my authentication occured within the Microsoft Office application. Office directly "discuss" with Apache so I certainly need to override the .htaccess file for example. I have too many users to store them by hand in the .htaccess (~10K) and many files on the DAV server (~1K). Moreover, users rights may change over time.

Is there a way to generate dynamic htaccess files? Or to add some sort of handlers to "tell" Apache to allow or prohibit a user/password to certain file(s)?

like image 688
elwood Avatar asked May 17 '26 09:05

elwood

1 Answers

All you need is http://modauthmysql.sourceforge.net/

You can configure your apache by .htaccess to authenticate against mysql DB. Of course you can use existing Mysql tables with users in it.

Here is my working configuration:

    <Directory "/u05/data">
            AllowOverride All

            Order Allow,Deny
            Allow from All
            Deny from None

            AddType application/octet-stream .rar
            AuthName "Download zone - secured"
            AuthType Basic

            AuthMYSQLEnable on
            AuthMySQLUser http_auth
            AuthMySQLPassword http_auth
            AuthMySQLDB mydatabase
            AuthMySQLUserTable users
            AuthMySQLNameField user_name
            AuthMySQLPasswordField user_password
            AuthMySQLPwEncryption crypt

            require valid-user
    </Directory>
like image 128
rkosegi Avatar answered May 19 '26 23:05

rkosegi
Sign in to Comment

Related questions

CodeIgniter: A Class/Library to help get meta tags from a web page?
How to do preDispatch forwarding in Zend Framework?
In PHP, how do I add 3 months to the purchase date retrieved from the iPhone InApp receipt?
Sorting by ratings in a database - Where to put this SQL? (PHP/MySQL)
What web server should I install?
At my wits end on sleep()

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!