httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Donovan <donov...@bellatlantic.net>
Subject Re: [users@httpd] DBDmysql connecting but not authenticating
Date Tue, 08 Jan 2008 00:04:08 GMT
paredes wrote:
> Hi Tom!
> 
> I discovered that when I entered users & passwords with the mysql command 
> line using password(), encrypt(), sha1() or old_password, only encrypt() 
> was readable by apache authentication. Then I entered users and 
> passwords using apache's htpasswd to generate md5 sha1 crypt and apache 
> was able to authenticate those.
> 
> So much to my surprise, mysql's sha1 and md5 produces an encryption not 
> readable by apache. I was under the assumption that all sha1 and md5 
> encryptions were the same across all applications!
> 

re: "... encryptions were all the same..."

Unfortunately, no.  The binary calculation is the same, but the encoding of the result differs

considerably.

There are some notes about password encryption in the Apache docs here:
http://httpd.apache.org/docs/2.2/misc/password_encryptions.html

-tom-

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message