With the release of WordPress 2.5, there were some significant changes to the way passwords are stored in the database. Prior to 2.5, passwords were stored as MD5 hashes. While simple and easy, this had some security implications, so since 2.5 passwords are salted and hashed using the phpass password hashing library. At Automattic we like to keep things simple, so we use the WordPress and bbPress user system for external authentication for things such as Trac and Subversion. This gives us an effective and simple single sign-on (SSO) solution for almost everything we do. Unfortunately, the existing mod_auth_mysql Apache module did not support the new password format.
Thanks to Nikolay, we now have the best of both worlds. He has patched mod_auth_mysql to support phpass. This means you can now have plug and play authentication against your WordPress blog or bbPress forum almost anywhere you can think of. The patch allows automatic fallback to MD5 in case the user has not yet logged into WordPress and their password is still stored in the old format.
Once the new module is loaded, you just need to replace the following line in your Apache configuration file:
OLD: AuthMySQLPwEncryption md5
NEW: AuthMySQLPwEncryption phpass
You can download the patched version here. It has been tested with Apache 2.2.3 and MySQL 4.1/5.0.
2 words: bad ass.
I wrote the patch that added phpass to WordPress and this is pretty cool news. Always good to see more support.
Nice, I was just thinking about how to integrate Trac/SVN/BBpress/Wordpress on one site. Having a single sign on will be a killer feature for this setup.
Do you have a short howto or description of how this is configured for the different components?
Is there also a patch for Nginx, or will it use the Apache mod_auth_mysql module?
Damn – another thing to play with instead of doing the work I’m supposed to be doing!
interestingly!
This is awesome indeed — how about a Win32 build?
Always good to see more support :) thanks for info :)
Hi.
Interesting article.
Thank you
And how to subscribe to RSS?
very interesting
thanx
is it possible to use this with litespeed? you guys use litespeed right?
Unfortunately not possible at this time. We are working on Nginx integration now. Once it's complete, I will announce it on my blog. We are moving away from Litespeed.
Knock knock, does anyone understand Russian?
How can I “make” this patched mod auth mysql on FreeBSD 7.1? I'm not strong in code && English too =(
Maybe you could make a BSD port? It would be nice =)
Hi. I’m trying to get this to work on wordpress mu 2.8.4 and CENTOS 5.3. The module won’t compile. Can you help?
Rohan, did you finally get it working?
Upstream?
Barry, I'm a newbie on these topics. I tried to install it on CentOS 6.6 and after running the command “apxs -c -I/usr/include/mysql -lmysqlclient -lm -lz mod_auth_mysql.c” I get the following:
/usr/lib64/apr-1/build/libtool --silent --mode=compile gcc -prefer-pic -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wformat-security -fno-strict-aliasing -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -pthread -I/usr/include/httpd -I/usr/include/apr-1 -I/usr/include/apr-1 -I/usr/include/mysql -c -o mod_auth_mysql.lo mod_auth_mysql.c && touch mod_auth_mysql.slo
mod_auth_mysql.c:591: aviso: declaración implícita de la función ‘APR_XtOffsetOf’
mod_auth_mysql.c:591: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:595: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:599: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:603: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:607: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:611: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:615: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:619: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:623: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:627: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:631: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:635: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:639: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:643: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:651: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:655: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:659: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:663: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:667: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c:671: error: expected expression before ‘mysql_auth_config_rec’
mod_auth_mysql.c: En la función ‘str_format’:
mod_auth_mysql.c:891: aviso: el formato ‘%d’ espera el tipo ‘int’, pero el argumento 7 es de tipo ‘long int’
mod_auth_mysql.c: En la función ‘format_request’:
mod_auth_mysql.c:940: aviso: declaración implícita de la función ‘ap_pstrcat’
mod_auth_mysql.c:947: aviso: los tipos de datos punteros/enteros no coinciden en la expresión condicional
apxs:Error: Command failed with rc=65536
Any help?
Thanks in advance
Diego