On 5/18/06, prla <[EMAIL PROTECTED]> wrote: > After upgrading my working copy of TG to the latest trunk (labeled > 1.1a0) the user passwords no longer match what's stored in the > database. Using Catwalk, I see all the user passwords are stored > encrypted, such as: > > b2c7023a31f0b2f2db0a355d11d5cdef
OK. That seems fine. > > My identity settings in dev.cfg are: > > identity.on=True > > identity.failure_url="/login" > > identity.soprovider.password_encryption="md5" Sounds good. > What I get in the log on attempting login is: > > 2006-05-18 12:17:32,786 turbogears.identity.soprovider INFO Passwords > don't match for user: imbp > 2006-05-18 12:17:32,789 turbogears.identity WARNING The credentials > specified weren't valid > 2006-05-18 12:17:32,805 turbogears.identity INFO Identity is > available... > > I did notice however that if I use Catwalk to edit the password field > in TG_User and set it in cleartext, it will then match upon login. Is > this is the supposed behavior? Shouldn't the password be stored hashed > on the database? This makes me have to edit every user's password, The password is stored hashed in the database. I just tried it on a new project. I enter the password in cleartext in CatWalk, and when it's saved it appears as hashed in the database. The only thing that seems to make sense is that the hash is different for some reason. I just double checked that the hash is only computed based on the password (no other secret keys or anything like that). Are you sure you know the correct password? Kevin --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears Trunk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears-trunk -~----------~----~----~----~------~----~------~--~---
