Re: [Catalyst] Legacy porting to auto-authenticate a logged in user
You've hit it. You are better than my Teddy bear lately. I wasn't thinking straight. Since the password is coming from the DB instead of a user form, it's already in SHA1 so it should be treated for the sake of authentication as clear since SHA1 != SHA1(SHA1).

Thanks and to Peter for the other ideas for future debuggery, so to speak!

-Ashley

On Dec 23, 2007, at 10:29 AM, Jay K wrote:

> Hi Ashley,
>
> My guess is that your password hashing type in the db is different from the password hashing type you defined for the Password credential.
>
> Since your database does store the password in plaintext - why not set password type to 'clear' - and set the password_field to password. This should cause authentication to happen against your unencrypted password and should work.
>
> Jay
>
> On Dec 23, 2007, at 10:10 AM, Ashley Pond V wrote:
>
>> Thanks for the idea. Didn't work. After following the code trail back through a few namespaces and lots of config v class_data v eyes glaze over, I fixed it by setting the password_type to "none" and merely authenticating on the "username." This is fine in this case but it's obviously less than ideal. If anyone has insight into what I'm doing wrong with my original version, I'd love to hear it.
>>
>> WORKING VERSION (username isn't guaranteed unique so I went with the Id instead):
>>
>>     $c->authenticate({ acctid => $user->acctid })
>>         or die "RC_403: " . $user->username . ": " . $user->acctid . " failed to authenticate";
>>
>>     authentication:
>>       default_realm: users
>>       realms:
>>         users:
>>           credential:
>>             class: Password
>>             password_type: none
>>             #password_hash_type: SHA-1
>>             #password_field: crypt_passwd
>>           store:
>>             class: DBIx::Class
>>             user_class: DB::User
>>             id_field: acctid
>>
>> On Dec 22, 2007, at 3:44 AM, Peter Edwards wrote:
>>
>>> Try
>>>
>>>     $c->authenticate({ acctid => $user->username,
>>>                        password => $user->password })
>>>         or die "RC_403: " . $user->username . " failed to authenticate";
>>>
>>> Regards, Peter
>>>
>>> -----Original Message-----
>>> From: Ashley Pond V [mailto:[EMAIL PROTECTED]
>>> Sent: 22 December 2007 08:08
>>> To: The elegant MVC web framework
>>> Subject: [Catalyst] Legacy porting to auto-authenticate a logged in user
>>>
>>> I have what I first thought was a gimme (this is only tangentially related to the questions I asked a few days ago; same app, different DB and part). Legacy porting of a "login" with Authenticate where I already have the user id and everything verified. I have tried many permutations of arguments and setup.
>>>
>>> The user has already logged into the legacy part of the app. So this is the code that is not working but I think should.
>>>
>>>     my $user_id = ...legacy fetch; working fine
>>>     my $user = $c->model("DB::User")->find($user_id)
>>>         or die "RC_403: No such user for id $user_id"; # also working fine
>>>
>>>     # this dies, I've verified the $user, username, and password are correct
>>>     $c->authenticate({ username => $user->username,
>>>                        password => $user->password })
>>>         or die "RC_403: " . $user->username . " failed to authenticate";
>>>
>>> So… why? The legacy setup is a little strange so I think that must be it. The user table's DBIC looks like this (password is plaintext, legacy, and crypt_passwd is sha1 of it)-
>>>
>>>     package MyApp::DB::User;
>>>     use base qw/DBIx::Class/;
>>>     __PACKAGE__->load_components(qw/PK::Auto Core/);
>>>     __PACKAGE__->table('foo.account');
>>>     __PACKAGE__->add_columns(qw/ acctid email fname lname password crypt_passwd /);
>>>     __PACKAGE__->set_primary_key('acctid');
>>>
>>>     sub username { +shift->email; };
>>>
>>> My config looks like this-
>>>
>>>     authentication:
>>>       default_realm: users
>>>       realms:
>>>         users:
>>>           credential:
>>>             class: Password
>>>             password_field: crypt_passwd
>>>             password_type: hashed
>>>             password_hash_type: SHA-1
>>>           store:
>>>             class: DBIx::Class
>>>             user_class: DB::User
>>>             id_field: acctid
>>>
>>> Thanks for looking!
>>> -Ashley

___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Legacy porting to auto-authenticate a logged in user
Hi Ashley,

My guess is that your password hashing type in the db is different from the password hashing type you defined for the Password credential.

Since your database does store the password in plaintext - why not set password type to 'clear' - and set the password_field to password. This should cause authentication to happen against your unencrypted password and should work.

Jay

---
America will never be destroyed from the outside. If we falter and lose our freedoms, it will be because we destroyed ourselves. -- Abraham Lincoln
RE: [Catalyst] Legacy porting to auto-authenticate a logged in user
Oh well, worth a shot.

I had a similar problem and ended up in the bowels of the auth code with the perl debugger to try and figure out the correct params. I also wanted to be able to hook up to a legacy passwd db and it was a bit tricky to get it working.

If you want to try this, stick a

    $DB::single = 1;

in your site_perl library Catalyst/Plugin/Authentication.pm in sub authenticate() and then run the test server with

    perl -d scripts/myapp_server.pl

Use your web browser to try and login, and in the debugger step into the auth handling to see what is going on.

There's a page I wrote on using the perl debugger with Catalyst that may help: http://dev.catalyst.perl.org/wiki/DebugSample

Regards, Peter
http://perl.dragonstaff.co.uk

-----Original Message-----
From: Ashley Pond V [mailto:[EMAIL PROTECTED]
Sent: 23 December 2007 17:11
To: The elegant MVC web framework
Subject: Re: [Catalyst] Legacy porting to auto-authenticate a logged in user

Thanks for the idea. Didn't work. After following the code trail back through a few namespaces and lots of config v class_data v eyes glaze over, I fixed it by setting the password_type to "none" and merely authenticating on the "username." This is fine in this case but it's obviously less than ideal. If anyone has insight into what I'm doing wrong with my original version, I'd love to hear it.

WORKING VERSION (username isn't guaranteed unique so I went with the Id instead):

    $c->authenticate({ acctid => $user->acctid })
        or die "RC_403: " . $user->username . ": " . $user->acctid . " failed to authenticate";

    authentication:
      default_realm: users
      realms:
        users:
          credential:
            class: Password
            password_type: none
            #password_hash_type: SHA-1
            #password_field: crypt_passwd
          store:
            class: DBIx::Class
            user_class: DB::User
            id_field: acctid

On Dec 22, 2007, at 3:44 AM, Peter Edwards wrote:

> Try
>
> $c->authenticate({ acctid => $user->username,
>                    password => $user->password })
>     or die "RC_403: " . $user->username . " failed to authenticate";
Re: [Catalyst] Legacy porting to auto-authenticate a logged in user
Thanks for the idea. Didn't work. After following the code trail back through a few namespaces and lots of config v class_data v eyes glaze over, I fixed it by setting the password_type to "none" and merely authenticating on the "username." This is fine in this case but it's obviously less than ideal. If anyone has insight into what I'm doing wrong with my original version, I'd love to hear it.

WORKING VERSION (username isn't guaranteed unique so I went with the Id instead):

    $c->authenticate({ acctid => $user->acctid })
        or die "RC_403: " . $user->username . ": " . $user->acctid . " failed to authenticate";

    authentication:
      default_realm: users
      realms:
        users:
          credential:
            class: Password
            password_type: none
            #password_hash_type: SHA-1
            #password_field: crypt_passwd
          store:
            class: DBIx::Class
            user_class: DB::User
            id_field: acctid
RE: [Catalyst] Legacy porting to auto-authenticate a logged in user
Try

    $c->authenticate({ acctid => $user->username,
                       password => $user->password })
        or die "RC_403: " . $user->username . " failed to authenticate";

Regards, Peter
[Catalyst] Legacy porting to auto-authenticate a logged in user
I have what I first thought was a gimme (this is only tangentially related to the questions I asked a few days ago; same app, different DB and part). Legacy porting of a "login" with Authenticate where I already have the user id and everything verified. I have tried many permutations of arguments and setup.

The user has already logged into the legacy part of the app. So this is the code that is not working but I think should.

    my $user_id = ...legacy fetch; working fine
    my $user = $c->model("DB::User")->find($user_id)
        or die "RC_403: No such user for id $user_id"; # also working fine

    # this dies, I've verified the $user, username, and password are correct
    $c->authenticate({ username => $user->username,
                       password => $user->password })
        or die "RC_403: " . $user->username . " failed to authenticate";

So… why? The legacy setup is a little strange so I think that must be it. The user table's DBIC looks like this (password is plaintext, legacy, and crypt_passwd is sha1 of it)-

    package MyApp::DB::User;
    use base qw/DBIx::Class/;
    __PACKAGE__->load_components(qw/PK::Auto Core/);
    __PACKAGE__->table('foo.account');
    __PACKAGE__->add_columns(qw/ acctid email fname lname password crypt_passwd /);
    __PACKAGE__->set_primary_key('acctid');

    sub username { +shift->email; };

My config looks like this-

    authentication:
      default_realm: users
      realms:
        users:
          credential:
            class: Password
            password_field: crypt_passwd
            password_type: hashed
            password_hash_type: SHA-1
          store:
            class: DBIx::Class
            user_class: DB::User
            id_field: acctid

Thanks for looking!
-Ashley
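
The comparisons this thread converges on, as an added example (a simplified model, not Catalyst's code and not written by any poster): it shows that handing an already-hashed column value to a `hashed` check fails, that `clear` against the same column matches, and that `none` accepts without checking anything. The sample row, the `check_password` helper and the assumption that `crypt_passwd` holds a hex SHA-1 are constructed for illustration.

```perl
#!/usr/bin/perl
# Added example: a simplified model of the password_type comparisons
# discussed in this thread. This is not Catalyst's own code.
use strict;
use warnings;
use Digest::SHA qw(sha1_hex);

# Constructed sample row shaped like the thread's foo.account table.
# Assumption: crypt_passwd holds the hex SHA-1 of the plaintext password.
my %row = (
    acctid       => 42,
    password     => 'correct horse',
    crypt_passwd => sha1_hex('correct horse'),
);

# Hypothetical helper: decide whether $supplied is accepted when compared
# against column $field under the given password_type.
sub check_password {
    my ($type, $field, $supplied) = @_;
    return 1 if $type eq 'none';    # no verification of any kind
    my $stored = defined $field ? $row{$field} : undef;
    return 0 unless defined $stored && defined $supplied;
    return $supplied eq $stored ? 1 : 0           if $type eq 'clear';
    return sha1_hex($supplied) eq $stored ? 1 : 0 if $type eq 'hashed';
    die "unknown password_type '$type'\n";
}

# [ description, password_type, password_field, value handed to the check ]
my @cases = (
    [ 'hashed, crypt_passwd, plaintext supplied',   'hashed', 'crypt_passwd', $row{password} ],
    [ 'hashed, crypt_passwd, stored hash supplied', 'hashed', 'crypt_passwd', $row{crypt_passwd} ],
    [ 'clear,  crypt_passwd, stored hash supplied', 'clear',  'crypt_passwd', $row{crypt_passwd} ],
    [ 'clear,  password,     plaintext supplied',   'clear',  'password',     $row{password} ],
    [ 'none,   nothing supplied',                   'none',   undef,          undef ],
);

for my $case (@cases) {
    my ($desc, $type, $field, $supplied) = @$case;
    my $ok = check_password($type, $field, $supplied);
    printf "%-46s %s\n", $desc, $ok ? 'accepted' : 'rejected';
}
```

Because `none` accepts any identifier, a call such as the thread's `$c->authenticate({ acctid => ... })` should only be reachable after the legacy session has itself been verified.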