exUserFolder mysql authentication, password question
Hi, I'm currently looking into the possibility of replacing our own home-made content management system with Zope/Plone. We have a mysql database we will want to continue to use. I have installed exUserFolder, to be able to use user information stored in this database for authentication. Now that's almost working, the only thing is that exUserFolder is expecting passwords to be encrypted; which they are not. Is there a way of telling exUserFolder that it should work with non-encrypted passwords? Thanks, Ivar van Duuren
Ivar van Duuren wrote:
I'm currently looking into the possibility of replacing our own home-made content management system with Zope/Plone. We have a mysql database we will want to continue to use. I have installed exUserFolder, to be able to use user information stored in this database for authentication. Now that's almost working, the only thing is that exUserFolder is expecting passwords to be encrypted; which they are not. Is there a way of telling exUserFolder that it should work with non-encrypted passwords?
http://mail.zope.org/pipermail/zope-dev/2001-November/014150.html http://sourceforge.net/mailarchive/forum.php?thread_id=3638836&forum_id=190 http://www.zope.org/Members/TheJester/exUserFolder/UnenlightenedZopistasGuid... My reading above (from a few simple searches) suggests that XUF should allow you to choose your password hash somehow. You can probably set it to "plain" or something, or provide a "hash" method that hashes a string to itself. You'll have to check the doco or code to see exactly where. --jcc -- "He who fights with monsters should look to it that he himself does not become a monster. And when you gaze long into an abyss the abyss also gazes into you."
Ivar van Duuren wrote at 2004-2-10 15:15 +0100:
... Now that's almost working, the only thing is that exUserFolder is expecting passwords to be encrypted; which they are not. Is there a way of telling exUserFolder that it should work with non-encrypted passwords?
I did not yet work with "exUserFolder" but with several ancestors. All had a way to customizes authentication. I expect, this is true for "exUserFolder" as well. -- Dieter
Edit mysqlAuthSource/mysqlAuthSource.py Change: def cryptPassword(self, username, password): salt =username[:2] secret = crypt(password, salt) return secret to read: # Alternate cryptPassword function, returns plain text of the password. def cryptPassword(self, username, password): return password Thats all you need to do. You will have to delete and re-add and users that were added with crypted passwords.. -) Tom On Tue, 2004-02-10 at 09:15, Ivar van Duuren wrote:
Hi,
I'm currently looking into the possibility of replacing our own home-made content management system with Zope/Plone. We have a mysql database we will want to continue to use. I have installed exUserFolder, to be able to use user information stored in this database for authentication. Now that's almost working, the only thing is that exUserFolder is expecting passwords to be encrypted; which they are not. Is there a way of telling exUserFolder that it should work with non-encrypted passwords?
Thanks, Ivar van Duuren
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
participants (4)
-
Dieter Maurer -
Ivar van Duuren -
J Cameron Cooper -
Thomas Anderson