I may have customers with download capability: CustomerA: areas 1,3,5,7,14,15 CustomerB: areas 3,5,7 CustomerC: area 4 etc. I wish to use mod_auth_mysql protection. I was pleased to see this option on the selection list for protection methods. However, on scanning the code, I don't see how the provided implementation can possibly work. The aMember provided script expects a single table of the format: CREATE TABLE user_info ( username CHAR(30) NOT NULL, passwd CHAR(20) NOT NULL, groups CHAR(10), PRIMARY KEY (user) ); Therefore, each "username" may have one and only one row in this table, and a 10-character column is defined for "groups". As I read the script, it expects to write into the "groups" column for CustomerA a constructed string of the form: "PRODUCT_1,PRODUCT_3,PRODUCT_5,PRODUCT_7,PRODUCT_14,PRODUCT_15" I count 62 characters to be written to a 10 character column. ?? In any event, mod_auth_mysql does not support multiple groups in a string of this kind. From auth_mysql.conf, I read that the correct database layout (and configuration directives) for support of multiple groups is as follows: # CREATE DATABASE auth; # USE auth; # CREATE TABLE users ( # user_name CHAR(30) NOT NULL, # user_passwd CHAR(20) NOT NULL, # PRIMARY KEY (user_name) # ); # CREATE TABLE groups ( # user_name CHAR(30) NOT NULL, # user_group CHAR(20) NOT NULL, # PRIMARY KEY (user_name, user_group) # ); # GRANT SELECT # ON auth.users # TO authuser@localhost # IDENTIFIED BY 'PaSsW0Rd'; # GRANT SELECT # ON auth.groups # TO authuser@localhost # IDENTIFIED BY 'PaSsW0Rd'; # # INSERT INTO users VALUES ('testuser', ENCRYPT('testpass')); # INSERT INTO groups VALUES ('testuser', 'user'); # INSERT INTO users VALUES ('testadmin', ENCRYPT('testpass')); # INSERT INTO groups VALUES ('testadmin', 'admin'); # INSERT INTO groups VALUES ('testadmin', 'user'); # #<Directory /var/www> # AuthName "MySQL group authenticated zone" # AuthType Basic # # AuthMYSQLEnable on # AuthMySQLUser authuser # AuthMySQLPassword PaSsW0Rd # AuthMySQLDB auth # AuthMySQLUserTable users # AuthMySQLNameField user_name # AuthMySQLPasswordField user_passwd # AuthMySQLGroupTable groups # AuthMySQLGroupField user_group # # require group user #</Directory> This table structure will obviously permit an unlimited number of products to be paired with each user, as I would expect. Will I be required to rewrite the script to work correctly with mod_auth_mysql using the above structure, or can I expect aMember support to rewrite the script?
Dear busybody, mod_auth_mysql module is not widely used. I guess the database structure has been changed since we wrote the plugin. We will of course fix it and deliver fixed module to you by Tuesday. Please just submit a ticket to helpdesk with link to this topic, so we can send fixed plugin to you personally.