Opened 16 years ago
Closed 16 years ago
#3132 closed defect (fixed)
Login does not work - wrong hash?
| Reported by: | Johannes | Owned by: | Matt Good |
|---|---|---|---|
| Priority: | high | Component: | AccountManagerPlugin |
| Severity: | critical | Keywords: | digest hash auth |
| Cc: | Trac Release: | 0.11 |
Description
Using the Account Manager Plugin, an entry in the htpasswd file is created - but login is not possible (wrong pw). Note that login works if the user is created using htdigest. Note also, that the password hashs are different, using both methods with identical data for user / password.
String , created by AccountManager, for user/pass test/test: test:migration:0000000091706f12da9a78d6dd3ac202
Environment: Trac012dev, Apache 2.2.3, mod_wsgi, using authz plugin. Auth method 'digest'
For more information, see also mailing list entry: [Trac] AccountManager Plugin w digest, wrong method?
http://groups.google.com/group/trac-users/browse_thread/thread/597adcab3acb4ec4
Attachments (0)
Change History (3)
comment:1 Changed 16 years ago by
comment:2 Changed 16 years ago by
Note from cmlenz@irc: (might be the reason for the defect) http://tjulo.blogspot.com/2007/03/problems-with-md5-and-modpython.html
comment:3 Changed 16 years ago by
| Priority: | normal → high |
|---|---|
| Resolution: | → fixed |
| Severity: | normal → critical |
| Status: | new → closed |
The problem can be fixed by using sha instead of md5 algorithm. See: http://trac.edgewall.org/ticket/2570
I forgot to tell: The server is running on ssl (https connection)