OK, so it's compiled cleanly and now it's time to use it.  You've come to
the right place.

Creating the necessary SQL information
--------------------------------------

At the very least, you need a table in your database which has a list of
usernames and their corresponding passwords.  Having a field listing the
group users belong to, or a separate table for that, is useful too, but you
need usernames and passwords as a minimum.

For instance:

create table mysql_auth (
	username char(25) not null,
	passwd char(25),
	groups char(25),
	primary key (username)
);

This would work quite well.

NOTE 1: You don't have to use a new table for the purpose of storing
usernames and passwords; I quite happily use a 'members' table (with all
sorts of other interesting information in it) with mod-auth-mysql.

NOTE 2: The names given above are merely the defaults for the module.  They
can all be overridden if you have different names for your fields (eg
password instead of passwd).

Once your table(s) is/are created, you need to put the data in as
appropriate.


Telling Apache to protect the website
-------------------------------------

First up, tell the module where it should be getting it's info from:

Auth_MySQL_Info <host> <user> <password>

or

AuthMySQL_DefaultHost <host>
AuthMySQL_DefaultUser <user>
AuthMySQL_DefaultPassword <password>

This should be placed globally.

If you're going to use the same database all over your web server, you can
use

Auth_MySQL_General_DB <database>

to set that.  This setting can be overridden in .htaccess files if
AuthMySQL_AllowOverride is set.

On that topic, if you want .htaccess files to be restricted in what they're
able to connect to database-wise, you can

AuthMySQL_AllowOverride no

and the host, user, password, and database name cannot be changed.

Create a .htaccess file in the directory you want to protect (or put the
directives inside a Directory section in httpd.conf) with something like the
following:

AuthName "My Company's Financial Information - Top Secret"
AuthType Basic
require valid-user

This will allow any user who can supply a username and password access.

If you replace the require line with

require user bill fred jane

then only users who can successfully authenticate as bill, fred, or jane
will be allowed access.  Or, if you set the require line to

require group executives

then only users who are a part of the executives group will be allowed
access to the documents in that directory.

A special note: multiple require lines are logically OR'd -- if the user's
details match *any* of the require lines supplied, the user will be
considered authenticated.  For example,

require user jane joe
require group executives

means that if the user is jane or joe, or the user is in the executives
group, they will be let in.  Neither jane nor joe have to be in the
executives group.

Passwords
-----------

There is also the slight matter of how the passwords are stored in the
database.  Several different methods are available:

Plaintext
Crypt_DES
Crypt_MD5
Crypt (basically Crypt_DES and Crypt_MD5, plus any other schemes your local
	crypt() call implements)
PHP_MD5 (MD5 hashes, encoded the way PHP and MySQL both do it)
SHA1Sum (SHA1 hashes, encoded as a 40 character lowercase hex string)
MySQL (the hashing scheme used by the MySQL PASSWORD() function)

You should list all of the available ways your passwords can be encoded in
the Auth_MySQL_Encryption_Types config item.  By default, only Crypt_DES is
enabled.  A common example, if you're using a PHP script to manage
passwords, might be:

Auth_MySQL_Encryption_Types PHP_MD5 Crypt

Note that adding more types to be checked slows down authentication, and
allowing the Plaintext type means that any hashed passwords stored in the DB
become plaintext equivalents.

The full set of directives available are now listed in the file DIRECTIVES,
for ease of perusal.