Re: External Auth

From: Gavin Cameron <[email protected]>
Date: Sat, 23 Jan 1999 19:53:43 +1100 (EST)

Here's a perl script I use to authenticate against a mysql database.

Gavin

#!/usr/local/bin/perl -w
use DBI;

##
## Auth module for squid/perl5/mysql
##
## Gavin Cameron, ITworks Consulting, 1999
##
## Not elegant, but functional, authentication module that checks an MySQL
## database for authentication info for the Squid WWW proxy/cache
##

##
## Database scheme
##
## create table user (
## username varchar(30) not null,
## password varchar(30) not null,
## index idx1 (username, password)
## );
##

##
## Database info
##
$dbname = 'testauth';
$dbhost = 'ferret';
$dbport = '3306';
$dbuser = 'user';
$dbpasswd = 'pass';
$dbtype = 'mysql';

$dbstring = $dbname;
$dbstring .= ':' . $dbhost if defined $dbhost;
$dbstring .= ':' . $dbport if defined $dbport;

$dbh = DBI->connect($dbstring, $dbuser, $dbpasswd, $dbtype);

if ( !defined $dbh )
{
  print "Cannot connect to database: $DBI::errstr\n";
  exit;
}

$|=1;

while (<>)
{
  chomp;
  ($user, $pass) = ( /^(\S*)\s(.*)$/ );

  if ( ( ! defined $user ) || ( ! defined $pass ) )
  {
    print "ERR\n";
    next;
  }

  undef @rowarray;

  @rowarray = $dbh->selectrow_array("select username from user where username = \'$user\' and password = \'$pass\'");

  if ( ! defined @rowarray )
  {
    print "ERR\n";
  }
  else
  {
    print "OK\n";
  }
}

[]-----------------------------------+------------------------------------[]
| Gavin Cameron | ITworks Consulting |
| Ph : 0418 390350 | Suite 100, 85 Grattan Street |
| Fax : +61 3 9347 6544 | Carlton, Victoria |
| Email : gavin@itworks.com.au | Australia, 3053 |
[]-----------------------------------+------------------------------------[]

On Fri, 22 Jan 1999, Jeff Beley wrote:

> I have been unsucessfully trying to write a external authenticator
> in perl to use a mysql database for authenication. When I run it
> from a command line, it seems to work. I used the ncsa_auth as
> a model. However when squid trys to run it either dies or constantly
> say Authentication Failed. Does anyone have any guidelines for writting
> such a tool.
>
>
> TIA
> --Jeff
>
> --
>
>
> -------------------------------
> Jeff Beley <jbeley@astcorp.com>
> Network Administrator
> PGP Key Availible upon request
>
Received on Sat Jan 23 1999 - 01:36:48 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:44:08 MST