I already have a list of users in a mysql database that I use for postfix smtp authentication/sasl.
I wonder, whether the list can be used for http authentication 😀 . Well, let’s find out.
First of all, of course we must compile nginx to support http_auth_pam_module module.
download ngx_http_auth_pam_module-1.2.tar.gz
When compiling from source build as usual adding the -add-module option:
./configure --add-module=$PATH_TO_MODULE
My pam_mysql for postfix smtp authentication /etc/pam.d/smtp
auth required pam_mysql.so user=user passwd=pass host=localhost db=db table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1 sqlLog=0 account sufficient pam_mysql.so user=user passwd=pass host=localhost db=db table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1 sqllog=0
Nginx configuration
server { listen 80; server_name www.example.com; access_log /var/log/nginx/nginx-test-access.log main; location /secured { alias /path/to/public_html/restricted/; auth_pam "Restricted Zone"; auth_pam_service_name "smtp"; } location / { root /path/to/public_html; index index.html index.htm; } }
when accessing http://www.example.com/secured via web browser, browser pops up the login box, that’s a good sign.
login using my smtp authentication username and password i was successfully landed on default index.html