mod_auth_mysql

mod_auth_mysql is an authentication module for apache Version 2.0 It can handle the different users of different websites within the same database. http://heuer.org/mod_auth_mysql/

Tasklist

FS#104 - MD5 or SHA Passwords

Attached to Project: mod_auth_mysql
Opened by Ueli Heuer (ueli) - Thursday, 01 March 2007, 00:10 GMT+2
Last edited by Ueli Heuer (ueli) - Thursday, 01 March 2007, 00:10 GMT+2
Task Type Support Request
Category Backend / Core
Status Closed
Assigned To No-one
Operating System
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

MD5 and SHA Passwords

This module makes use of the function apr_password_validate() of
libraries. This functions can handle crypted passwords,
sha password hashes. The common problem is that the md5- and
need some markes: you can easly create the values with
utility: 

# create a md5 hash
largo:bin$ ./htpasswd -nbm user password
user:$apr1$5T1td/..$ppqva5bmyS2CHhJWcyX1s/

# create a SHA hash
largo:bin$ ./htpasswd -nbs user password
user:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=

# create a 'normal' encrypt hash
largo:bin$ ./htpasswd -nb user password
user:K4YPncTjM9HPo

# the output will change eacht time you execute  htpasswd cause it uses
# some salt to change the output (if two users uses the same password,
# you'll not recognise this)

You may use any of the hashes as long you are putting the whole
into the database ( e.g. you use
or “K4YPncTjM9HPo” into the
in the database (of course without the “!).
Cleartext passwords will NOT work and I’m not willing to add some code to support cleartext passwords!

NOTE» You should extend the user_password field in the database from 20 chars to 120 or the database ‘ll cut off some chars from your md5 or sha hash

This task depends upon

Closed by  Ueli Heuer (ueli)
Thursday, 01 March 2007, 00:10 GMT+2
Reason for closing:  Works for me

Loading...