I don't know how much you know about the crypt function, but what you need
to do could quite easily be done.
First, you get the encrypted password, and grab the first 2 characters.
Then, you take the submitted password, and crypt it using the 2 characters
you got from the crypted password. Now compare the 2 values. If it's a
match, the password is valid.
As far as how to access the crypt function, I'll bet someone here can tell
you an easy way to do it in CF, but since my experience in CF is limited to
NT at this point, I'd write a Perl script to do the crypting an comparing,
and return either match or no match. Call it with CFHTTP, and you're good
to go.
(I'm guessing from recent threads, that CFHTTP may be an issue here, but
I've had good luck with this method in CF 4.x)
Hope this helps,
Peter Janett
New Media One Web Services
================================
WEB HOSTING FOR WEB DEVELOPERS
================================
-> Sun, IRIX, NT, Linux <-
PHP, MySQL, Perl, Cold Fusion,
MS SQL, ASP, SSI, SSL
http://www.newmediaone.net
[EMAIL PROTECTED]
(303)828-9882
----- Original Message -----
From: Rob Patrick <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, September 12, 2000 7:10 PM
Subject: htpasswd and CF
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_0020_01C01CFD.DE92CC40
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: 7bit
>
> I'm hoping somebody out there can help:
>
> I'm looking to take an existing .htpasswd file, read it in to a list, pull
> out a user's name and hashed/encrypted password, and compare it with the
> user's plaintext password from a login form submission, replacing the web
> server's basic auth mechanism with an application.cfm based method. I need
> to do this to allow a smooth transition for my existing users on the site
> that are currently setup with .htpasswd accounts.
>
> Is there any way in CF I can take a plaintext password, run the Unix crypt
> function on it, and get a value equal to what is stored in an .htpasswd
> file?
>
> Thanks for your help,
> -Rob Patrick
>
>
> ------=_NextPart_000_0020_01C01CFD.DE92CC40
> Content-Type: text/html;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD><TITLE></TITLE>
> <META content=3D"text/html; charset=3Diso-8859-1" =
> http-equiv=3DContent-Type>
> <META content=3D"MSHTML 5.00.3018.900" name=3DGENERATOR></HEAD>
> <BODY>
> <P><FONT face=3DArial><FONT size=3D2>I'm hoping somebody out there can=20
> help:<BR><BR>I'm looking to take an existing .htpasswd file, read it in =
> to a=20
> list, pull<BR>out a user's name and hashed/encrypted password, and =
> compare it=20
> with the<BR>user's plaintext password from a login form submission, =
> replacing=20
> the web<BR>server's basic auth mechanism with an application.cfm based =
> method. I=20
> need<BR>to do this to allow a smooth transition for my existing users on =
> the=20
> site<BR>that are currently setup with .htpasswd accounts.<BR><BR>Is =
> there any=20
> way in CF I can take a plaintext password, run the Unix =
> crypt<BR>function on it,=20
> and get a value equal to what is stored in an =
> .htpasswd<BR>file?<BR><BR>Thanks=20
> for your help,<BR>-Rob Patrick</FONT> </FONT></P></BODY></HTML>
>
> ------=_NextPart_000_0020_01C01CFD.DE92CC40--
>
> --------------------------------------------------------------------------
----
> Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
>
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
