Opened 9 years ago

Closed 9 years ago

#3132 closed defect (fixed)

Login does not work - wrong hash?

Reported by: makro Owned by: mgood
Priority: high Component: AccountManagerPlugin
Severity: critical Keywords: digest hash auth
Cc: Trac Release: 0.11


Using the Account Manager Plugin, an entry in the htpasswd file is created - but login is not possible (wrong pw). Note that login works if the user is created using htdigest. Note also, that the password hashs are different, using both methods with identical data for user / password.

String , created by AccountManager, for user/pass test/test: test:migration:0000000091706f12da9a78d6dd3ac202

Environment: Trac012dev, Apache 2.2.3, mod_wsgi, using authz plugin. Auth method 'digest'

For more information, see also mailing list entry: [Trac] AccountManager Plugin w digest, wrong method?

Attachments (0)

Change History (3)

comment:1 Changed 9 years ago by makro

I forgot to tell: The server is running on ssl (https connection)

comment:2 Changed 9 years ago by makro

Note from cmlenz@irc: (might be the reason for the defect)

comment:3 Changed 9 years ago by makro

  • Priority changed from normal to high
  • Resolution set to fixed
  • Severity changed from normal to critical
  • Status changed from new to closed

The problem can be fixed by using sha instead of md5 algorithm. See:

Add Comment

Modify Ticket

as closed The owner will remain mgood.
The resolution will be deleted. Next status will be 'reopened'.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.