Over the last week I’ve been working on another small django site. It’s mainly the usual stuff but one aspect that proved trickier than I expected was using the django maintained authentication system to control access to another service. The other service is run via an apache2 installation and so I figured that mod_authn_dbd configured to use mysql would be all that I needed. Bzzzzt.
Django stores the passwords in a different format than mod_authn_dbd expects. It also uses salts for it’s SHA1 generation, which further complicates the simple password matching that APR does (and is the checking implemented in mod_authn_dbd). I tried a few different ways round it using mysql queries, but all to avail.
The eventual solution I came up with was to adapt mod_authn_dbd into mod_authn_django, with a password checking routine that understands how django stores the passwords and can do the correct things to compare them.
Not sure if it’ll help anyone else, but if there’s any interest I can make it available 🙂