Questions regarding apache2 authentication using either Pam or MySQL
I would like to create a directory on my web server that is password
protected. My initial stab at doing this was done using php
authentication and a MySQL database. It seems to be working just fine,
but I got to thinking that there must be an easier method to do this
that could be built into the server with a module. So after some
research I found the libapache2-mod-auth-mysql and
libapache2-mod-auth-pam packages for Debian.
It appears that the mysql package has not yet been brought into the etc
repositories yet and I found a post online from back in May that someone
was wondering if this was going to be brought in the etc repository soon
or not. No follow-up on the post has been given yet.
I am unclear as to how the pam based one would work. Would I need to
create users on my server in my normal user database in order for folks
to authenticate against? I have a basic understanding of how to get the
pam based method to work, but not sure where the passwords and such are
being stored and authenticated against.
I would much prefer to use the MySQL method and I would really prefer to
have the authentication required at the server level and not in some php
files. Anyone have any ideas at this point for using the
libapache2-mod-auth-mysql package? Is it possible to get the source and
compile this for my system directly?