Modify

Opened 10 years ago

Closed 10 years ago

#3132 closed defect (fixed)

Login does not work - wrong hash?

Reported by: Johannes Owned by: Matt Good
Priority: high Component: AccountManagerPlugin
Severity: critical Keywords: digest hash auth
Cc: Trac Release: 0.11

Description

Using the Account Manager Plugin, an entry in the htpasswd file is created - but login is not possible (wrong pw). Note that login works if the user is created using htdigest. Note also, that the password hashs are different, using both methods with identical data for user / password.

String , created by AccountManager, for user/pass test/test: test:migration:0000000091706f12da9a78d6dd3ac202

Environment: Trac012dev, Apache 2.2.3, mod_wsgi, using authz plugin. Auth method 'digest'

For more information, see also mailing list entry: [Trac] AccountManager Plugin w digest, wrong method?

http://groups.google.com/group/trac-users/browse_thread/thread/597adcab3acb4ec4

Attachments (0)

Change History (3)

comment:1 Changed 10 years ago by Johannes

I forgot to tell: The server is running on ssl (https connection)

comment:2 Changed 10 years ago by Johannes

Note from cmlenz@irc: (might be the reason for the defect) http://tjulo.blogspot.com/2007/03/problems-with-md5-and-modpython.html

comment:3 Changed 10 years ago by Johannes

Priority: normalhigh
Resolution: fixed
Severity: normalcritical
Status: newclosed

The problem can be fixed by using sha instead of md5 algorithm. See: http://trac.edgewall.org/ticket/2570

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Matt Good.
The resolution will be deleted.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.