diff -r 360b9aabe17e -r d07810b02147 src/server/safs/auth.c
--- a/src/server/safs/auth.c Sat Dec 15 16:05:03 2012 +0100
+++ b/src/server/safs/auth.c Sat Dec 29 18:08:23 2012 +0100
@@ -33,6 +33,10 @@
 #include
+#include "../daemon/authdb.h"
+#include "../daemon/config.h"
+#include "../daemon/session.h"
+
 #include "auth.h"
@@ -197,3 +201,82 @@
 free(user);
 return ret;
 }
+
+int auth_db(pblock *param, Session *sn, Request *rq) {
+ // TODO: reimplement this function and auth_basic to avoid code redundancy
+
+ //pblock *npb;
+ //pb_param *pp;
+ //int ret;
+
+ char *auth;
+ char *db;
+ char *user;
+ char *pw;
+
+ if(request_header("authorization", &auth, sn, rq) == REQ_ABORTED)
+ return REQ_ABORTED;
+
+ if(!auth)
+ return REQ_NOACTION;
+
+ db = pblock_findval("db", param);
+
+ if(!db) {
+ // TODO: log error
+ //log_error(LOG_MISCONFIG, "basic-auth", sn, rq,
+ // XP_GetAdminStr(DBT_authError1));
+ protocol_status(sn, rq, PROTOCOL_SERVER_ERROR, NULL);
+ return REQ_ABORTED;
+ }
+
+ /* Skip leading whitespace */
+ while(*auth && (*auth == ' '))
+ ++auth;
+ if(!(*auth)) {
+ protocol_status(sn, rq, PROTOCOL_FORBIDDEN, NULL);
+ return REQ_ABORTED;
+ }
+
+ /* Verify correct type */
+ if((strlen(auth) < 6) || strncasecmp(auth, "basic ", 6))
+ return REQ_NOACTION;
+
+ /* Skip whitespace */
+ auth += 6;
+ while(*auth && (*auth == ' '))
+ ++auth;
+
+ if(!*auth)
+ return REQ_NOACTION;
+
+ /* Uuencoded user:password now */
+ if(!(user = _uudecode(auth)))
+ return REQ_NOACTION;
+
+ if(!(pw = strchr(user, ':'))) {
+ free(user);
+ return REQ_NOACTION;
+ }
+ *pw++ = '\0';
+
+ // get auth db
+ ServerConfiguration *config = session_get_config(sn);
+ sstr_t dbname = sstr(db);
+ AuthDB *authdb = ucx_map_sstr_get(config->authdbs, dbname);
+
+ User *auth_user = authdb->get_user(authdb, user);
+ if(auth_user && !auth_user->verify_password(auth_user, pw)) {
+ fprintf(stderr, "authdb user not authenticated: %s\n", user);
+ free(user);
+ return REQ_NOACTION;
+ }
+
+
+ pblock_nvinsert("auth-type", "basic", rq->vars);
+ pblock_nvinsert("auth-user", user, rq->vars);
+ pblock_nvinsert("auth-db", db, rq->vars);
+
+ free(user);
+ return REQ_PROCEED;
+}
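Review bot: A user name that the database does not know is accepted as authenticated. In `if(auth_user && !auth_user->verify_password(auth_user, pw))` a NULL `auth_user` makes the condition false, so auth_db falls through to the `pblock_nvinsert("auth-user", ...)` calls and returns REQ_PROCEED with no password check. The rejection branch has to cover the failed lookup as well. Just above it, `authdb` is dereferenced unchecked, so a `db` parameter naming no configured database would crash the request if `ucx_map_sstr_get` returns NULL on a miss (presumably it does); that path should fail closed with a server error, as the missing-`db` case already does. The failure log also prints the decoded, client-supplied user name to stderr unescaped, which is worth sanitising before it reaches a log file.

```c
    AuthDB *authdb = ucx_map_sstr_get(config->authdbs, dbname);
    if(!authdb) {
        // "db" names no configured auth database: fail closed
        free(user);
        protocol_status(sn, rq, PROTOCOL_SERVER_ERROR, NULL);
        return REQ_ABORTED;
    }

    User *auth_user = authdb->get_user(authdb, user);
    // reject unknown users as well as wrong passwords
    if(!auth_user || !auth_user->verify_password(auth_user, pw)) {
    // … unchanged: log, free(user), return REQ_NOACTION, then the pblock_nvinsert calls …
```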