You need to grab the first two chars from the crypted password in the
.htpasswd file and use those two chars as the salt when crypting the
plain text one supplied by the user before comparing them.
I'm not sure what CF is capable of in terms of crypt because I haven't
used it for quite a while, but it's easy to make a quick command line
util with C that crypts a plain text string for you and execute the util
from CF, although it'd be great to be able to do it natively instead of
spawning a new process.
jason
----- Original Message -----
From: "Rob Patrick" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 13, 2000 11:10 AM
Subject: htpasswd and CF
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_0020_01C01CFD.DE92CC40
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: 7bit
>
> I'm hoping somebody out there can help:
>
> I'm looking to take an existing .htpasswd file, read it in to a list,
pull
> out a user's name and hashed/encrypted password, and compare it with
the
> user's plaintext password from a login form submission, replacing the
web
> server's basic auth mechanism with an application.cfm based method. I
need
> to do this to allow a smooth transition for my existing users on the
site
> that are currently setup with .htpasswd accounts.
>
> Is there any way in CF I can take a plaintext password, run the Unix
crypt
> function on it, and get a value equal to what is stored in an
.htpasswd
> file?
>
> Thanks for your help,
> -Rob Patrick
>
>
> ------=_NextPart_000_0020_01C01CFD.DE92CC40
> Content-Type: text/html;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD><TITLE></TITLE>
> <META content=3D"text/html; charset=3Diso-8859-1" =
> http-equiv=3DContent-Type>
> <META content=3D"MSHTML 5.00.3018.900" name=3DGENERATOR></HEAD>
> <BODY>
> <P><FONT face=3DArial><FONT size=3D2>I'm hoping somebody out there
can=20
> help:<BR><BR>I'm looking to take an existing .htpasswd file, read it
in =
> to a=20
> list, pull<BR>out a user's name and hashed/encrypted password, and =
> compare it=20
> with the<BR>user's plaintext password from a login form submission, =
> replacing=20
> the web<BR>server's basic auth mechanism with an application.cfm based
=
> method. I=20
> need<BR>to do this to allow a smooth transition for my existing users
on =
> the=20
> site<BR>that are currently setup with .htpasswd accounts.<BR><BR>Is =
> there any=20
> way in CF I can take a plaintext password, run the Unix =
> crypt<BR>function on it,=20
> and get a value equal to what is stored in an =
> .htpasswd<BR>file?<BR><BR>Thanks=20
> for your help,<BR>-Rob Patrick</FONT> </FONT></P></BODY></HTML>
>
> ------=_NextPart_000_0020_01C01CFD.DE92CC40--
>
> ----------------------------------------------------------------------
--------
> Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux
or send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body.
>
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
