The AuthPGHost directive sets the name of the server on which the postmaster is running. If not specified, a unix domain socket will be used to connect to the database instead of a TCP/IP connection. This alleviates the need to use -i when starting the Postgres postmaster.
The AuthPGPort directive sets the TCP/IP port number at which the postmaster can be found.
The AuthPGUser directive sets the database username (not the system username) to connect to the database as. If not specified, the user that the web server is running as will be used.
The AuthPGPassword directive sets the password to connect to the database with.
The AuthPGOptions directive sets additional runtime options for the Postgres backend.
The AuthPGDatabase directive sets the name of the database which keeps the authentication information.
The AuthPGUserTable directive sets the name of the table which contains the username field and password field.
The AuthPGGroupTable directive sets the name of the table which contains the username field and groupname field. This name can be the same as the value of AuthPGUserTable directive.
The AuthPGPasswordField directive sets the name of the field containing the password in AuthPGUserTable.
The AuthPGUserNameField directive sets the name of the field containing the username in AuthPGUserTable. This name should be the same as the field name containg the username in AuthPGGroupTable.
The AuthPGGroupNameField directive sets the name of the field containing the groupname in AuthPGGroupTable.
The AuthPGVirtual directive controls the behavior of the authentication module when a user logs in with a userid of the form user@domain. If AuthPGVirtual is off, this type of userid is treated normally -- the entire string is considered to be the userid, and must exist in the field specified by the AuthPGUserNameField directive. If AuthPGVirtual is on, the userid is split into its user and domain components. The user compontent is matched against the field specified by the AuthPGUserNameField directive, and the domain component is matched against the field specified by the AuthPGDomainField directive. If AuthPGVirtual is on, and a userid does not contain '@', the domain field in the database must be blank or null.
The AuthPGDomainField directive sets the name of the field containing the domain name. It is only utilized if AuthPGVirtual is on.
The AuthPGQuery directive sets the query to use instead of the default one. The query string may contain any of the following modifiers:
%i - host ip address replacement %h - host name replacement %l - user id replacement %d - userid domain (if available) see AuthPGVirtual but it doesn't need to be on to use value %x - unparsed URI %e - URI path %a - URI query args %f - AuthPGDomainField directive value %p - AuthPGPasswordField directive value %u - AuthPGUserNameField directive value %g - AuthPGGroupNameField directive value %U - AuthPGUserTable directive value %G - AuthPGGroupTable directive value
The previous behaviour is also supported:
Unless you enable AuthPGVirtual, this string must contain one
'%s', which is replaced with a user name. If you set AuthPGVirtual to
'on', then the string must contain two. The first '%s' is for the
user component and the second for the domain component of
"user@domain". The result of the query should be the user's
password.
Example: select password from members where name='%s'
The AuthPGGroupQuery directive sets the query to get the list of the groups that a user belong to. The query string may contain any of the following modifiers:
%i - host ip address replacement %h - host name replacement %l - user id replacement %d - userid domain (if available) see AuthPGVirtual but it doesn't need to be on to use value %x - unparsed URI %e - URI path %a - URI query args %f - AuthPGDomainField directive value %p - AuthPGPasswordField directive value %u - AuthPGUserNameField directive value %g - AuthPGGroupNameField directive value %U - AuthPGUserTable directive value %G - AuthPGGroupTable directive value
The previous behaviour is also supported:
Unless you enable AuthPGVirtual, this string must contain one
'%s', which is replaced with a user name. If you set AuthPGVirtual to
'on', then the string must contain two. The first '%s' is for the
user component and the second for the domain component of
"user@domain". The result of the query should be the user's
password.
Example: select groupname from groups where user='%s'
Setting the AuthPGHashType directive to `none' allows for the passwords stored in Postgres not to be encrypted. Otherwise, they shoud be crypted by the crypt function, or md5 respectively.
Turning on AuthPGAnonymous directive enables a user to be validated by the anonymous user name set by the AuthPGAnonymousUserName directive without the password.
The AuthPGAnonymousUserName directive sets the anonymous user name used when the AuthPGAnonymous directive is turned on.
The AuthPGCookie directive controls whether this module will fake the authentication by the cookie or not.
AUTHPG
The AuthPGCookieName directive sets the name of the cookie containing the username and password pair. The cookie has the form like `AUTHPG=username:password'. `:' is the separator and can be changed using AuthPGCookieSeparator directive.
:The AuthPGCookieSeparator directive sets the character used to separate the userid and password.
The AuthPGAuthoritative directive plays the same role as the Auth*Authoritative directives in other mod_auth_* modules.