Nino schrieb: > Hi There, > > I'm having problem using apache with mod_perl (1.25) + AuthDBI in a > Raq4i. I instaled DBI, DBD-MySQL, DBD-InterBase, Apache::DBI and > Apache::AuthDBI. > > In my http.conf I added the following (for all sites): > > PerlModule Apache::DBI > PerlModule Apache::AuthDBI > > In the .htaccess file: > ------------------------------------------------------------------------ > AuthName DBI > AuthType Basic > PerlAuthenHandler Apache::AuthDBI::authen > PerlSetVar Auth_DBI_data_source dbi:mysql:XXXX > PerlSetVar Auth_DBI_username XXXX > PerlSetVar Auth_DBI_password XXXX > PerlSetVar Auth_DBI_pwd_table XXXX > PerlSetVar Auth_DBI_uid_field XXXX > PerlSetVar Auth_DBI_pwd_field XXXX > require valid-user > ------------------------------------------------------------------------ >
by the way, try this: ############################# |AuthName "Geheimer Userbereich" AuthType Basic | |PerlAuthenHandler Apache::AuthDBI::authen PerlAuthzHandler Apache::AuthDBI::authz| |PerlSetVar Auth_DBI_encrypted off PerlSetVar Auth_DBI_data_source dbi:mysql:webserver PerlSetVar Auth_DBI_username mustermann PerlSetVar Auth_DBI_password geheim PerlSetVar Auth_DBI_pwd_table users PerlSetVar Auth_DBI_uid_field username PerlSetVar Auth_DBI_pwd_field password PerlSetVar Auth_DBI_grp_field groupname | |require group admin user |############################# Note *|PerlAuthzHandler* which handles the authentication, cause *||PerlAuthenHandler* only checks for user not if the password is valid. Also the *||require group admin user||* which defines that all of group admin or user could access I don't know if a *valid-user* is correct, maybe have a try with ??! | regards -- �,���`���,�_�,���`���,�_�,������,�_�,���`���,�_�,������,� G�tz Lohmann | D-Mannheim | Web-Developer & Sys-Admin --------------------------------------------------------- He's the fellow that people wonder what he does and why the company needs him, until he goes on vacation. �,���`���,�_�,���`���,�_�,������,�_�,���`���,�_�,������,� _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
