httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Kew <n...@webthing.com>
Subject Re: Patch for mod_authn_dbd plaintext auth
Date Sat, 09 Jun 2007 06:32:12 GMT
On Sat, 9 Jun 2007 05:42:06 +0000
Mark Constable <markc@renta.net> wrote:

> I need this, not sure if it's of value to anyone else?

[ it's a bit off-topic in modules-dev.  dev@httpd is where
we discuss proposals for changes to httpd.  Or if you have
no such ambition but just want to share a patch, somewhere
on the web is better than a mailinglist.  A traditional
way to do this is in bugzilla, though the wiki-faq might
be a better solution now that it's available.
]

Tip: what is the problem you're fixing?

You want to store plaintext passwords, that's your business.
But why are plaintext passwords in SQL any different to
plaintext passwords in, say, a DBM or flat file?

An equivalent patch in mod_auth_basic would apply not just
to passwords stored in SQL, but to passwords anywhere.

Should we do that?  Well, the case for it goes something
like "We should support storing passwords in plaintext
because [... make your case here ...]".  If you convince
people it adds value, then maybe we'll adopt it.

-- 
Nick Kew

Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/

Mime
View raw message