mod_auth_mysql or mysql usernames and passwords?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I'm writing a web app that needs a login page.  I'm doing the dev on a
windows box although the final version will go on a Linux box.  I can't
find any versions of mod_auth_Mysql precompiled for windows and have no
idea about compiling c.source on windows (or anything to do it with).

Is there a good reason I shouldn't store hashed password in MySQL and
call them from Python scripts instead of using the apache auth module

Thanks for your time, Marc.

Re: mod_auth_mysql or mysql usernames and passwords?

Quoted text here. Click to load it

That's what I do when writing web apps.  One good reason to do this is that
your web app probably needs to offer users the ability to log out.  Any
solution using mod_auth_* (regardless of whether the passwords are stored in
MySQL, htpasswd file, LDAP, etc.) has the problem that it uses HTTP
authentication.  Most browsers offer no way to log out when using HTTP
authentication, without closing the browser.

Rolling your own login/logout system, or using one provided for you by a web
application framework, offers more flexibility, and enables you to do things
that basic HTTP authentication can't do.

In MySQL, I recommend using the MD5 function to store hashes of passwords.
Don't use the PASSWORD function; this is intended only for use by the MySQL
account system.

Bill K.

Re: mod_auth_mysql or mysql usernames and passwords?

exactly what i needed to know. thanks MW

Site Timeline