Hi,
DBI.pm this is the place with p_enc_sub: sub GetAuth { my ($service, $username, $password) = @_; my $config = $RT::ExternalSettings->{$service}; $RT::Logger->debug( "Trying external auth service:",$service); my $db_table = $config->{'table'}; my $db_u_field = $config->{'u_field'}; my $db_p_field = $config->{'p_field'}; my $db_p_enc_pkg = $config->{'p_enc_pkg'}; my $db_p_enc_sub = $config->{'p_enc_sub'}; my $db_p_salt = $config->{'p_salt'}; Place where the password is submitted to that method as a string parameter. In my opinion could be here: # Get the user's password from the database query result my $pass_from_db = $results_hashref->{$username}->{$db_p_field}; # This is the encryption package & subroutine passed in by the config file $RT::Logger->debug( "Encryption Package:", $db_p_enc_pkg); $RT::Logger->debug( "Encryption Subroutine:", $db_p_enc_sub); # Use config info to auto-load the perl package needed for password encryption # I know it uses a string eval - but I don't think there's a better way to do this # Jump to next external authentication service on failure eval "require $db_p_enc_pkg" or $RT::Logger->error("AUTH FAILED, Couldn't Load Password Encryption Package. Error: $@") && return 0; my $encrypt = $db_p_enc_pkg->can($db_p_enc_sub); if (defined($encrypt)) { # If the package given can perform the subroutine given, then use it to compare the # password given with the password pulled from the database. # Jump to the next external authentication service if they don't match if(defined($db_p_salt)) { $RT::Logger->debug("Using salt:",$db_p_salt); if(${encrypt}->($password,$db_p_salt) ne $pass_from_db){ $RT::Logger->info( $service, "AUTH FAILED", $username, "Password Incorrect"); return 0; } } else { if(${encrypt}->($password) ne $pass_from_db){ $RT::Logger->info( $service, "AUTH FAILED", $username, "Password Incorrect"); return 0; } } } else { # If the encryption package can't perform the request subroutine, # dump an error and jump to the next external authentication service. $RT::Logger->error($service, "AUTH FAILED", "The encryption package you gave me (", $db_p_enc_pkg, ") does not support the encryption method you specified (", $db_p_enc_sub, ")"); return 0; } But i'm not shure where exactly. And how I can convert string to hash. I'm not familiar with perl ;/ Best Adrian 2011/11/15 Zordrak <zord...@tpa.me.uk>: > Adrian Stel wrote: >> Hi, >> >> >> Can't use string ("user password") as a HASH ref while "strict refs" >> in use at /usr/local/share/perl/5.10.1/Authen/Passphrase/PHPass.pm >> line 278. >> >> Problem is with type of user password. >> >> Still need to know where I should search. > > Search for the text "p_enc_sub". There's only one place it should be > defined and it will be very close to where the password is submitted to > that method as a string parameter. > -- > Zordrak > zord...@tpa.me.uk > > -- Pozdrawiam Adrian Stelmaszyk -------- RT Training Sessions (http://bestpractical.com/services/training.html) * Barcelona, Spain November 28 & 29, 2011