Introduction
mod_authnz_ibmdb2 is an Apache authentication module using IBM® DB2® as the backend database for storing user and group information. The module supports several encryption methods.
I also provide UDFs and Stored Procedures to generate and validate hashes in DB2. They are compatible to the functions that are used in Apache's htpasswd utility.
Features
- runs under Apache 2.2.x and later
- user authentication:
- bcrypt (APR-util ≥ 1.5.0)
- md5
- normal md5 hash (32 chars as in php)
- seeded md5 value (as generated with Apache's htpasswd utility or as in /etc/shadow)
- crypt
- sha1
- sha256
- plain text
- no password (checks only if user exists)
- if passwords are encrypted, the validation process checks the kind of encryption method
- stored procedure support
- support for user and group conditions (restricting result set of query)
- caching support for users and groups
- UDFs and SPs to generate and validate hashes in DB2
- php scripts for importing users into DB2
- man pages
Documentation
Manual in PDF format.
man pages
- mod_authnz_ibmdb2
- db2-hash-routines
- bcrypt
- sha256
- sha512
- apr_crypt
- apr_md5
- apr_sha1
- apr_sha256
- php_md5
- validate_pw
FAQ
Q: IBM's Websphere plugin and mod_authnz_ibmdb2 seem to break each other. What can I do?
A: mod_authnz_ibmdb2 has to be loaded after the Websphere plugin.
Q: Which versions of DB2 are supported?
A: All DB2 versions currently supported by IBM. I've tested the module with all versions since DB2 UDB v7.x, but older versions should work as well.
Q: What is the difference between mod_auth_ibmdb2 and mod_authnz_ibmdb2?
A: mod_authnz_ibmdb2 is based on the new authentication backend provider scheme of Apache 2.2. This module will only work for Apache 2.2.x and later. mod_auth_ibmdb2 works for Apache 2.0.x and 1.x.
Q: What platforms are supported?
A: All POSIX platforms. I've compiled and tested the module on Linux, MacOSX and AIX. Since the modules are using the APR libraries, they can be compiled on Windows as well.
Q: Why isn't there a binary release for .....?
A: I don't have a development environment for every operating system. Furthermore I don't think that binary releases make sense for Unix style operating systems.
Q: What is the package db2-hash-routines for?
A: This package contains User Defined Functions and Stored Procedures to generate and validate hashes in DB2.
Support
Having trouble with mod_authnz_ibmdb2? Please open a ticket here.