httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject RE: [users@httpd] htpasswd problem
Date Fri, 21 Feb 2003 13:49:03 GMT
If you want to go with md5, see the Apache hacks within
http://search.cpan.org/author/LUISMUNOZ/Crypt-PasswdMD5-1.2/

The same should be possible within php, and the md5 password
algorithm doesn't suffer the same platform-by-platform discrepancies
as unix crypt-based passwords.

Bill

At 09:47 AM 2/21/2003, Jerome SCHLUMBERGER wrote:
>Hi all !
>
>Here is my problem :
>
>I building a script to allow user to change their password for an Apache
>Basic Auth.
>I am scripting in php and use the exec() fonction to call htpasswd and
>encrypt passwd.
>But anyway the problem is : How Apache manage to compare an encrypted
>password in a .htpasswd file and a clear password sent via a basic auth
>window. Basically I would like to do the same in php but it is impossible as
>far as the htpasswd.exe use it's own algorithm. I also try to force the
>CRYPT usage of htpasswd, but with no success, the crypt() function used by
>php is not the same.
>I also tried solutions with md5() php function and all kind of salt in
>crypt() php function but all my efforts remains unsucessful.
>Does anybody know how apache recognise two differents pass containing the
>same information ????
>
>I am running Win 2K OS with apache 1.3.24 and php 4.2.0
>
>Any help would be super appreciated as I have been looking for the solutions
>since 3 days ...
>
>Bye all
>
>Schlum, from Japan
>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message