[Zope] Sending Zope Passwords.

Tino Wildenhain tino@wildenhain.de
Thu, 19 Jul 2001 10:00:06 +0200


Hi Andy,

is it possible if I created the user from inituser?
In the inituser-file the password was encrypted using
SHA and so it could for sure not be recreated to p(l)ain
text.
Unfortunately the inituser-trick does only work for the first
and only user in the acl_user folder.

Anyway, I'm already working with the authentication mechanism
to implement true IP filtering for authentication (as opposite
to simple wildcards on IP tuples) so implementing SHA hashing
there should not be so hard. The support must be already there.

Regards
Tino

--On Mittwoch, 18. Juli 2001 15:12 -0700 Andy McKay <andym@ActiveState.com> 
wrote:

>> The storage in the object database is encrypted using SHA
>> hashing. (At least last time I checked this)
>
> Not at the moment it isnt. Theres a proposal in the fishbowl for it.
>
> Cheers.
> --
>   Andy McKay.
>