On 01/08/2007 05:08 PM, Patrick Welche wrote:
>
>
> First an apology for posting to dev: I thought there was at least a
> documentation issue, but no:
>
> AuthDBDUserPWQuery Directive
> ...
> SQL varchar) argument (username), and return a single value (encrypted
> password). ^^^^^^^^^
>
> I am still searching for a way to get an encrypted password to be accepted..
> With
>
> AuthDBDUserPWQuery "select md5(prefname) from person where userid=%s"
>
> I get
>
> [Mon Jan 08 16:04:41 2007] [error] [client ::1] (-1)Unknown error:
> 4294967295: Comparing "Patrick" with "f87567f2159b425795ebb7ba9bc406ec"
> [Mon Jan 08 16:04:41 2007] [error] [client ::1] user prlw1: authentication
> failure for "/webfolder": Password Mismatch
apr_password_validate or better apr_md5_encode does not simply apply MD5 to the
password, but mixes it with a salt.
Furthermore the password hash needs to start with a 'marker' string to inform
apr_password_validate which hash algorithm
it should use. If none is specified it falls back to crypt.
>
> and with
>
> AuthDBDUserPWQuery "select encode(digest(prefname,'sha1'),'hex') from person
> where userid=%s"
>From my quick view at the apr-util code I would guess that the following
>should work:
AuthDBDUserPWQuery "select '{SHA}'||encode(digest(prefname,'sha1'),'hex') from
person where userid=%s"
Regards
RĂ¼diger