I’ve been having a lot of fun and games getting mysql based auth working on a apache server recently. It seemed to be working, then it wasn’t. Restarting cured it, then it didn’t. I asked people and received that answer that is so often trotted out – “it’s fixed in trunk”. Like a fool i believed them, or rather I was willing to try it. After all, trunk of httpd should be an easy enough target for me – I have commit on it and have been playing with it for a long time. Alas, dark forces now seem to be at work and little was as it appeared!

The actual svn update and subsequent rebuild were their usual straightforward selves, but then the fun started. Rebuilding the svn modules was a bit of a pain due to the large number of apr libraries now installed on my system. Fixed that and then I figured all would be well… How wrong I was!

2.3 has seen a reworking of the auth directives. Now I’ve not been following httpd-dev closely and so I’m sure there has been much discussion and there are good reasons for the changes – at least I hope there are – as anyone trying to implement them on a real site is likely to have some fun. The normally excellent documentation is very sadly lacking and a quick scan of the mailing list revealed no helpful “this is how you make the change” text. So, I now have a site that prevents simple GET requests, requiring auth when previously it didn’t and a site whereby I have to add Require lines all over the place.

The setup on asylum is very similar to that which is now forced on people by the recent changes. It seems like a grand idea until you move something, add a directory or generally change the layout – the config needs to be changed for anything minor and getting it wrong (a common occurance even when you’re doing it for the 5th or 6th time) will bite you in all sorts of odd ways.

This small upgrade has now eaten several hours of my life and still it’s not working as it used to. At least with the previous incarnation every page was available in a read-only incarnation. Replies such as “oh please, you play with the bleading edge eventually you get cut” may be great sound bites, but they aren’t exactly helpful are they?

Hopefully the docs will catch up before too much longer and all will be explained…


As the server was starting to drain a lot of time and effort – not to mention failing to provide the level of service it needed to, I decided to drop back to 2.0.55 with an old mod_auth_mysql module. It’s all installed and working just fine after less than an hour. Progress? Who needs it?