Skip to content

GitLab

Switch branch/tag
Find file Normal viewHistoryPermalink
sql.txt 2.04 KB
Newer Older
Jesper Hvirring Henriksen's avatar
Fixed markdown formatting    
Jesper Hvirring Henriksen committed
1
2 
sqlauthBcrypt:SQL
=================
Jesper Hvirring Henriksen's avatar
Initial commit.  
Jesper Hvirring Henriksen committed
3
Jesper Hvirring Henriksen's avatar
Documentation cleanup    
Jesper Hvirring Henriksen committed
4
5
6
7 
This is an authentication module for [SimpleSAMLphp](http://simplesamlphp.org) to authenticate a user against a SQL database table.

It assumes password hashes and salts are calculated using [bcrypt](http://bcrypt.sourceforge.net/).
Jesper Hvirring Henriksen's avatar
Fixed markdown formatting    
Jesper Hvirring Henriksen committed
8 
The implementation is based heavily on the SimpleSAMLphp module [sqlauth:SQL](http://simplesamlphp.org/docs/1.7/sqlauth:sql).
Jesper Hvirring Henriksen's avatar
Initial commit.  
Jesper Hvirring Henriksen committed
9
10
11
12
13
14 


Options
-------

`dsn`
Jesper Hvirring Henriksen's avatar
Fix markdown    
Jesper Hvirring Henriksen committed
15 
:   The DSN which should be used to connect to the database server. Check the various database drivers in the [PHP documentation](http://php.net/manual/en/pdo.drivers.php) for a description of the various DSN formats.
Jesper Hvirring Henriksen's avatar
Initial commit.  
Jesper Hvirring Henriksen committed
16
17
18
19
20
21 

`username`
:   The username which should be used when connecting to the database server.


`password`
Jesper Hvirring Henriksen's avatar
Fix markdown    
Jesper Hvirring Henriksen committed
22 
:   The password which should be used when connecting to the database server. If you are running this locally for development and you are using an empty password, set this to the empty string ('').
Jesper Hvirring Henriksen's avatar
Initial commit.  
Jesper Hvirring Henriksen committed
23
24 

`query`
Jesper Hvirring Henriksen's avatar
Fix markdown    
Jesper Hvirring Henriksen committed
25 
:   The SQL query which should be used to retrieve the user. The parameters :username and :password are available. If the username/password is incorrect, the query should return no rows. The name of the columns in resultset will be used as attribute names. If the query returns multiple rows, they will be merged into the attributes. Duplicate values and NULL values will be removed.
Jesper Hvirring Henriksen's avatar
Initial commit.  
Jesper Hvirring Henriksen committed
26
27 

`pepper`
Jesper Hvirring Henriksen's avatar
Documentation cleanup    
Jesper Hvirring Henriksen committed
28 
:   The pepper string appended to passwords before generating the hash. If you are not using a pepper, set this to the empty string ('').
Jesper Hvirring Henriksen's avatar
Initial commit.  
Jesper Hvirring Henriksen committed
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44 

`hash_column`
:   The column storing password hashes.


Examples
--------

Example - MySQL server:

    'bcrypt-example' => array(
      'sqlauthbcrypt:SQL',
      'dsn' => 'mysql:host=sql.example.org;dbname=simplesaml',
      'username' => 'userdb',
      'password' => 'secretpassword',
      'hash_column' => 'password_hash',
chris.lewis's avatar
documentation to remove separate salt    
chris.lewis committed
45 
      'query' => 'SELECT username AS uid, name AS cn, email AS mail, password_hash FROM users WHERE username = :username',
Jesper Hvirring Henriksen's avatar
Initial commit.  
Jesper Hvirring Henriksen committed
46
47 
      'pepper' => '0474f00f7823ade7d10d6797b4ceb591672c3440d92537309cedfc383a98209daf6755c043deb92936797cf74859e6924d0b395a0309950be364928188c7cf0f',
    ),

Dies ist die Gitlab-Instanz des Transferportals der Hochschule für Technik Stuttgart. Hier geht es zurück zum Portal