authmysql.php is a php script you can use in an inn installation to authenticate readers against a MySQL database. It has authentication support as well as group support.
Currently authmysql.php needs a CVS version of PHP because of a bug in PHP when returning an exit code. If you return an exit code in PHP the code will also be printed to stdout, which obviously gets nnrpd confused. This bug will be fixed PHP 4.1.2 (basically the release after 4.1.1).
You can download the script here
Installation
- copy the file to $innconfdir/auth/passwd
- open the file in your favorite editor
- check that the #! line points to your php executable keep the -q switch otherwise php will write to stdout an authentication won’t work.
- edit the configuration variables at the beginning of the file to suit your needs. See comments in the script.
- edit your readers.conf (examples below)
authmysql.php supports the following commandline options
- l log information to it’s own log file.
- g | –group user must be a member of this group.
- i | –identity identity to return after successful authentication instead of the username or the groupname
ATTENTION!!!
The GetOpt implementation in PHP is a normal PHP script which is part of PEAR and it is a little buggy IMHO. So two rules need to be followed.
- between a short option and its value NO SPACE i.e. -ovalue
- between a long ooption and its value AN EQUAL SIGN AND NO SPACE i.e. -longoption=value
If authentication was successful authmysql.php will return the username as the identity. If the -g or –group switch is specified autmysql.php will return the groupname as the identity if authentication was successful. If the -i or –identity switch is specified authmysql.php will return the value of the options even if the -g or –group switch was specified and of course only if authentication was successful.
When using group membership authmysql.php expects the user and group relation to use the user name and group name to find the relation and not IDs.
Examples:
EXAMPLE 1
# This will authenticate all users if they specified the correct password.
# It will also return the user name as the identity. Personally I find this
# the least usefull configuration as you would need to list the usernames in
# a corresponding access group.
auth “password-only” {
auth: authmysql.php
}
access “password-only” {
users: <username>
newsgroups: !*,internal.*
}
EXAMPLE 2
# this example only returns an identity if the user authentiactes correctly and
# is a member of the group l33tpeople
# the grouname is returned as the identity
auth “group-members” {
auth: “authmysql.php –group=l33tpeople”
#alternate way of specifing the groupname
# auth: “authmysql.php -gl33tpeople”
}
access “group-members” {
users: l33tpeople
newsgroups: !*,l33t.*
}
EXAMPLE 3
# this example only returns an identity if the user authentiactes correctly and
# is a member of the group l33tpeople.
# In this case though the identity l33tless is returned.
auth “group-members” {
auth: “authmysql.php -l –identity=l33tless –group=l33tpeople”
#alternate way of specifing the identity
# auth: “authmysql.php -l -il33tless -gl33tpeople”
}
access “group-members” {
users: l33tless
newsgroups: !*,l33tless.*
}
help?! This is exactly what I need (to auth INN via mysql), but I don’t think the attached files are what you intended. They seem to be about unzipping an archive.
Would you please share the authmysql.php you mentioned. It would help me immensely!
Blessings!
dave