Opened 9 years ago

Closed 6 years ago

# add htpasswd2 as a method for creating new users

Reported by: Owned by: p_ansell@… Matt Good normal AccountManagerPlugin major htpasswd file 0.10

### Description

Its great that I can use a htpasswd2 format file for authentication, but is it possible to implement a feature which allows me to create new accounts on it as well. Currently I am registering all of my users manually which is a bit of a pain.

This would be an improvement over the read-only support that is references in ticket #599

### comment:1 Changed 9 years ago by Matt Good

Resolution: → worksforme new → closed

Account creation has been supported from the beginning. Initially via registration, and now there's also an admin page.

### comment:2 follow-up:  3 Changed 9 years ago by p_ansell@…

Resolution: worksforme closed → reopened defect → enhancement

What are the settings I need to use in order to get trac to generate valid htpasswd2 entries? You only referred to generic account creation in your "worksforme" "solution"

I am currently using the following in my trac.ini:

When I register an account it adds a line to the bottom of the file, but it is not in htpasswd2 format. That is what my question was directed to, not generic account creation. The desired format is the first one, with the second being generated after a registration with this plugin.

validhtpasswd2user:$apr1$Rth1C/..$YZ7.0ZrJfUNmbFaCCuSuX0 tester:IJpZjm73rolhk ### comment:3 in reply to: 2 Changed 9 years ago by Matt Good Resolution: → worksforme reopened → closed Replying to p_ansell@yahoo.com: When I register an account it adds a line to the bottom of the file, but it is not in htpasswd2 format. That is what my question was directed to, not generic account creation. The desired format is the first one, with the second being generated after a registration with this plugin. validhtpasswd2user:$apr1$Rth1C/..$YZ7.0ZrJfUNmbFaCCuSuX0
tester:IJpZjm73rolhk


Both of those are valid htpasswd entries. The first is in the MD5 format and the second is CRYPT, which is the default on all platforms besides Windows which doesn't support it.

From the htpasswd usage output:

 -m  Force MD5 encryption of the password.
-d  Force CRYPT encryption of the password (default).
-p  Do not encrypt the password (plaintext).
-s  Force SHA encryption of the password.


This plugin follows the htpasswd defaults and generates MD5 hashes on Windows and CRYPT hashes everywhere else. It will read existing hashes in MD5, CRYPT and SHA.

### comment:4 follow-up:  5 Changed 8 years ago by Dan Bucatanschi

Resolution: worksforme normal → major closed → reopened

Hi!

I am sorry if I am annoying anyone by reopening this ticket, but I believe it is an important enhancement (if not bug) that needs to be taken care of.

The reason for my statement above is that it seems that if the method for computing the hashes is CRYPT, then the password is truncated to 8 characters in length. Basically I cannot have a secure public server on the Internet (or at least people's accounts are not as secure as they could be). However, if I have an MD5 generated hash, then the password is not truncated to 8 characters (I'm sure there is a limit but it's much higher).

I hope someone will write a patch, which will allow the configuration of the way the hashes are generated, with the possibility of specifying an MD5 hash.

Thanks, -Dan

### comment:5 in reply to:  4 Changed 6 years ago by Steffen Hoffmann

Keywords: htpasswd file added → duplicate reopened → closed

![...] I hope someone will write a patch, which will allow the configuration of the way the hashes are generated, with the possibility of specifying an MD5 hash.

After a long time this could finally come true now.

I'm testing a patch for ticket #2282, that developed towards a similar goal, effectively becoming a duplicate of this one, but already got further towards a solution in the comment trail. So let's stick to (the other) one ticket for tracking this enhancement.

### Modify Ticket

Action
as closed The owner will remain Matt Good.
The resolution will be deleted. Next status will be 'reopened'.