How to make apache2 authenticate against MS SQL 2000 Server - Page 4

5.3. The new

import java.sql.*;
import java.text.*;
public class testConnection
      static InputStreamReader converter = new InputStreamReader (;
      static BufferedReader      in = new BufferedReader (converter);
      // Read a String from standard system input
      public static String getString() {
        try {
            return in.readLine();
        } catch( Exception e ) {
            System.out.println("getString() exception, returning empty string");
            return "";
    public static void main(String[] args)
      String userName;
      String userPass;
      // userName = args[0];
      userName = getString();
      // userPass = args[1];
      userPass = getString();
    DB db = new DB();
class DB
    public DB() {}
    public void dbConnect(String db_connect_string,
  String db_userid, String db_password)
            Connection conn = DriverManager.getConnection(
    db_connect_string, db_userid, db_password);
        catch (Exception e)

So after the ‘program’ was written I had to compile it and put in some place for apache. So there comes javac again


and we pack it with jar

jar cfm tc.jar manifest DB.class testConnection.class

manifest file should tell the name of main class like that:

Main-Class: testConnection

I copied the tc.jar to /usr/local/testConn/

5.4. Final apache configuration

And after that configured apache to execute it as external authentication program by editing /etc/apache2/default-server.conf and adding following lines:

AddExternalAuth archive_auth "/usr/lib/java/bin/java -jar /usr/local/testConn/tc.jar"
SetExternalAuthMethod archive_auth pipe

Final thing – tell to use particular authentication method for our ‘restricted’ directory in httpd.conf

<Directory /srv/www/htdocs/secretarea>
   Options Indexes FollowSymLinks
    AllowOverride None
    AuthType Basic
    AuthName "Autorizacija!"
    AuthExternal archive_auth
    Require valid-user

After restart of apache if we try to access - apache prompts for username and password.
User supplies these and apache executes tc.jar and passes user credentials to it. tc.jar talks to MS SQL. MS SQL answers and depending on answer – apache denies or allows proceeding to secured site.

Share this page:

0 Comment(s)