Database: user password encryption

Hi,

I’m wanting to use mod_auth_pgsql to connect to the user table of the
database so I can use my RT user/pass pair for apache authentication.

I want to use my RT DB as the master user db for other websites.

mod_auth_pgsql can deal with crypt and MD5 coded passwords…

what format does rt store the passwords in? Because it’s not working for
me…saying there’s a password mismatch…

My apache snippet looks like this:

AuthType basic
AuthName "Access via Postgres"
Auth_PG_host aa.bb.cc.dd
Auth_PG_port 5432
Auth_PG_user xxxxxxx
Auth_PG_database xxx
Auth_PG_pwd xxxxxxxxxxx
Auth_PG_pwd_table users
Auth_PG_uid_field name
Auth_PG_pwd_field password
Auth_PG_encrypted on
Auth_PG_hash_type MD5

require valid-user

tia,

jamie

what format does rt store the passwords in?

From perldoc /opt/rt3/lib/RT/User_Overlay.pm:

_GeneratePassword PASSWORD

returns an MD5 hash of the password passed in, in base64 encoding.

So I suppose that’s stored in the DB.

Sebastian

Sebastian Flothow
sebastian@flothow.de

Because it reverses the logical flow of conversation.

Essentially… create the MD5 hash of the password, then convert it to
Base64. The Base64 part is necessary to store the password because MD5 can
sometimes create characters that can’t be stored in the database as-is.
Base64 ensures that the password will be storable and compatible across other
systems.

-----Original Message-----
From: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com]On Behalf Of Sebastian
Flothow
Sent: Thursday, June 03, 2004 8:22 AM
To: jamie.baddeley@fx.net.nz
Cc: rt
Subject: Re: [rt-users] database: user password encryption


I now have a modified libapache-mod-auth-pgsql debian (woody) package
that in addition to doing standard crypt and md5 encryption, now also
does the base64 encoded md5 variant that is supported by RT…

If anyone is interested in it let me know. Happy to provide it to anyone
that wants it.

Thanks for the help.

Jamie

On Fri, 2004-06-04 at 01:32, Mike.Frazer@ipay.com wrote:

Essentially… create the MD5 hash of the password, then convert it to
Base64. The Base64 part is necessary to store the password because MD5 can
sometimes create characters that can’t be stored in the database as-is.
Base64 ensures that the password will be storable and compatible across other
systems.


On 3 Jun 2004 at 05:40, Jamie Baddeley wrote:

what format does rt store the passwords in?

From perldoc /opt/rt3/lib/RT/User_Overlay.pm:

_GeneratePassword PASSWORD

returns an MD5 hash of the password passed in, in base64 encoding.

So I suppose that’s stored in the DB.

Sebastian
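
The mismatch discussed in this thread, as an added example (not code from the thread, from RT or from mod_auth_pgsql): the same MD5 digest written as hex and as base64 never compares equal as text, so a checker has to decode both forms to raw bytes first. It assumes the Apache module's MD5 mode compares hex digests and that the stored value is unpadded base64; the function names and the sample password are constructed.

```python
import base64
import hashlib
import hmac
import re


def md5_hex(password: str) -> str:
    # 32 hex characters: the form a hex-MD5 comparison expects (assumption).
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def md5_b64(password: str) -> str:
    # Base64 of the raw 16-byte digest, written without "==" padding
    # (assumption about the stored form): 22 characters.
    raw = hashlib.md5(password.encode("utf-8")).digest()
    return base64.b64encode(raw).decode("ascii").rstrip("=")


def decode_stored(stored: str) -> bytes:
    # Recover the raw digest from either text form; reject anything else.
    value = stored.strip()
    if re.fullmatch(r"[0-9a-fA-F]{32}", value):
        return bytes.fromhex(value)
    if re.fullmatch(r"[A-Za-z0-9+/]{22}(==)?", value):
        return base64.b64decode(value[:22] + "==")
    raise ValueError("not an MD5 digest in hex or base64 form")


def b64_to_hex(stored: str) -> str:
    # Re-encode a base64 digest as hex, e.g. for a view a hex-only checker reads.
    return decode_stored(stored).hex()


def verify(password: str, stored: str) -> bool:
    # Compare raw digests in constant time; malformed stored values never match.
    try:
        expected = decode_stored(stored)
    except ValueError:
        return False
    actual = hashlib.md5(password.encode("utf-8")).digest()
    return hmac.compare_digest(actual, expected)


if __name__ == "__main__":
    sample = "password"  # constructed sample input
    print("hex   :", md5_hex(sample))
    print("base64:", md5_b64(sample))
    print("same text?", md5_hex(sample) == md5_b64(sample))
    print("same digest?", verify(sample, md5_b64(sample)))
```

The digest modelled here has no salt, so equal passwords give equal stored values in either encoding.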