Sorry, I mean migrate to bcrypt. On 30 Jun 2017 19:07, "Chris Northwood" <[email protected]> wrote:
> Hmm, using SHA1 I got an error telling me it was unsupported and to > migrate to SHA-1. > > I notice my symptoms are the same as described in > https://groups.google.com/forum/m/#!topic/go-cd/Qe_tEdgQhTg. Do you get > the same issue originally though? I generated my hash using htpasswd -B. I > shall try further next week. > > > On 30 Jun 2017 18:21, "Aravind SV" <[email protected]> wrote: > >> No. bcrypt works too. This line works for me: >> >> root:$2y$05$BMLeYLDu4vNKZdSYGb57kOOkUubAONhCpUivfZdw7K.nE7dEFPk7W >> >> On Fri, Jun 30, 2017 at 1:17 PM, Aravind SV <[email protected]> >> wrote: >> >>> Hello Chris, >>> >>> I tried it. It seems the password file is wrong. >>> >>> root@ubuntu-xenial:/etc/go# htpasswd -n -s root >>> New password: >>> Re-type new password: >>> root:{SHA}q/eq1kOINtvlJqojGr3i0O73TUI= >>> >>> Are you trying to use bcrypt? The password hash on this line >>> <https://github.com/cnorthwood/gocd-tls-auth/blob/master/apache-config/htpasswd#L1> >>> seems to suggest that. Maybe something is broken in bcrypt support? I tried >>> with the above line and it works. >>> >>> Cheers, >>> Aravind >>> >>> >>> >>> On Fri, Jun 30, 2017 at 12:16 PM, Chris Northwood <[email protected]> >>> wrote: >>> >>>> Hi there, >>>> >>>> I'm the maintainer of the GoCD TLS Auth plugin, and I'm looking at >>>> migrating it to the new Authorization API, but I'm having some issues. Upon >>>> further digging, I can't appear to even get the bundled password file >>>> plugin to work, so I was hoping for someone to point out what I'm doing >>>> wrong. >>>> >>>> To reproduce, I've got a little Vagrant machine running a fresh install >>>> of GoCD (the current Vagrant images are 16.10, so authorization plugins >>>> aren't supported). >>>> >>>> * Grab the repo at https://github.com/cnorthwood/gocd-tls-auth >>>> * `vagrant up` >>>> * Visit http://localhost:8153 >>>> * Go into the authorization security configuration, and add an instance >>>> of the password file plugin, using the password file >>>> `/vagrant/apache-config/htpasswd` >>>> * You now get a basic auth prompt, but if you ignore that and go to the >>>> login page, try logging in with username "root" and password "correct horse >>>> battery staple". >>>> * You get bounced back to the login screen with no indication of what's >>>> gone wrong. >>>> >>>> If you look in the logs, the only message that appears is: >>>> >>>> 2017-06-30 16:00:27,792 INFO [qtp1177096266-29] PasswordFilePlugin:52 >>>> - [Authenticate] Authenticating User: root using auth_config: password >>>> 2017-06-30 16:00:27,797 INFO [qtp1177096266-29] PasswordFilePlugin:52 >>>> - [Authenticate] User `root` successfully authenticated using auth config: >>>> password >>>> >>>> However, I don't appear to actually have authenticated successfully. >>>> >>>> If anyone could try reproducing to check I'm not going mad, or point to >>>> if I've made a mistake in the workflow, I'd greatly appreciate it! >>>> >>>> Thanks, >>>> >>>> Chris Northwood >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "go-cd" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> >> -- >> You received this message because you are subscribed to a topic in the >> Google Groups "go-cd" group. >> To unsubscribe from this topic, visit https://groups.google.com/d/to >> pic/go-cd/la2lmt7C07U/unsubscribe. >> To unsubscribe from this group and all its topics, send an email to >> [email protected]. >> For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
