pGina Documentation

pGina MySQL Authentication Plugin Documentation

How it Works

The MySQL Authentication plugin authenticates users against account information stored in a MySQL database. The plugin connects to the MySQL server, retrieves the account information, including the password (possibly a hash), and compares the user-supplied password with the one retrieved from the database. It registers success if the passwords (or hashes) match.

The MySQL Authentication plugin expects user information to be stored in a table with a specific schema. The configuration UI can be used to create the table (see below). Users can be added using standard SQL. pGina does not currently support password changes, so password changes need to be handled by your own tools.

Typical Setup

A typical (minimal) setup for MySQL Authentication is to enable the Local Machine plugin in the authentication and gateway stages, and enable MySQL Auth. in the authentication stage. Within the authentication stage, order the MySQL plugin before Local Machine.

The User Information Table

User information must be stored in the MySQL database within a table that has at least the following columns:

The data type of the columns should be a string type such as TEXT or VARCHAR, but be careful of length limitations.

The hash_method column can have one of the following values:

Salted Passwords

If any of the salted hash methods are used, this plugin expects the data to be organized as follows. The password column must contain a hexadecimal or base 64 encoded string that contains the following:

encoding ( hash( password + salt ) + salt )

Where encoding converts to a string using either hexadecimal or base 64 encoding, and hash applies the appropriate hash algorithm.
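The layout above, worked through as an added example (this is not pGina's own code): one function builds the value for the password column, and one splits a stored value back into hash and salt to check a password. Assumptions not stated on this page: SHA-256 as the hash, the password taken as UTF-8 bytes, "+" meaning byte concatenation, and a 16-byte random salt; the function names are hypothetical.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional


def encode_salted(password: str, algo: str = "sha256",
                  salt: Optional[bytes] = None, encoding: str = "hex") -> str:
    """Return encoding(hash(password + salt) + salt) for the password column."""
    if salt is None:
        salt = os.urandom(16)  # salt length is an assumption of this example
    digest = hashlib.new(algo, password.encode("utf-8") + salt).digest()
    blob = digest + salt  # the salt is appended after the raw digest
    if encoding == "hex":
        return blob.hex()
    return base64.b64encode(blob).decode("ascii")


def verify_salted(password: str, stored: str, algo: str = "sha256",
                  encoding: str = "hex") -> bool:
    """Recover the salt from the stored value and recompute the hash."""
    try:
        if encoding == "hex":
            blob = bytes.fromhex(stored)
        else:
            blob = base64.b64decode(stored, validate=True)
    except ValueError:  # malformed hex or base 64 (binascii.Error is a ValueError)
        return False
    size = hashlib.new(algo).digest_size
    if len(blob) <= size:
        return False  # nothing after the digest: not a salted value
    digest, salt = blob[:size], blob[size:]
    candidate = hashlib.new(algo, password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


if __name__ == "__main__":
    value = encode_salted("correct horse")  # constructed sample password
    print(value)
    print(verify_salted("correct horse", value))
```

The digest length of the chosen algorithm determines where the salt starts in the decoded bytes, so the algorithm used to verify must be the one used to build the value.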

Configuration

MySQL Auth Configuration

The “Test…” button initiates a test of the MySQL connection, and verifies that the account table exists and is properly formatted.

The “Create Table…” button attempts to connect to the MySQL server and create the account information table.