High Performance User Authentication
High Performance User Authentication
If the server has more than a few users who are required to use password authentication to
access the website, the performance of the standard password file will be inadequate. The
standard authentication module, mod_auth, uses a flat file that must be searched
sequentially to find the user's password. Searching a flat file of only a few hundred entries
can be very time consuming.
An alternative is to store the passwords in an indexed database. Two modules,
mod_auth_dbm and
mod_auth_db, provide support for password databases. They are used in exactly the same
way as the standard flat file authentication. The only differences are the directives used to
define the database inside the httpd.conf file and the command used to add passwords to the
password database. The AuthUserFile directive used for the flat file is replaced by
AuthDBUserFile for
mod_auth_db or by AuthDBMUserFile for mod_auth_dbm. Our sample Red Hat system has
the mod_auth_db module installed. Listing 6.6 shows the example from Listing 6.5 rewritten
to use a database file on the sample Red Hat system.