Fri, Sep 06, 2002 ve 09:57:01AM +0200 Enrico Sorcinelli napsal(a):
> On Fri, 6 Sep 2002 08:23:33 +0200
> Tomá? Procházka <[EMAIL PROTECTED]> wrote:
>
> > Hello,
> > I use own PerlAuthenHandler module to verify users' login and password from
> > database.
> >
> > For comparsion of password user entered and password stored in database is
> > crypt function used.
> >
> > Here is the code:
> > my $real_pass = $d->[0][0]; # crypted password from database
> > my $salt = substr $real_pass,0,2; # salt
> > my $test_pass = crypt $sent_pw,$salt; # in $sent_pw is the password user
>entered
> > if ($real_pass eq $test_pass) {
> > $r->subprocess_env(REMOTE_USER => $user);
> > return OK;
> > } else {
> > $r->note_basic_auth_failure;
> > return AUTH_REQUIRED;
> > }
> >
> > Problem: Sometimes, although user entered correct password, is authentication
> > rejected. I tried logging values of $real_pass and $test_pass and they
> > differed. When I add line
> >
> > $r->log_reason("User $user tested (".$real_pass."/".$test_pass.")...","");
> >
> > just before 'if' statement behavior is most of time correct.
> >
> > Can anybody help me? Thanks.
> >
> > Kacer
>
> Hi,
> It seems to be not a mod_perl related problem.
> However, try with:
>
> $test_pass = crypt $sent_pw,$real_pass;
This is what I tried first (it's common in examples). Results were terrible.
Kacer
