Fri, Sep 06, 2002 ve 09:57:01AM +0200 Enrico Sorcinelli napsal(a):
On Fri, 6 Sep 2002 08:23:33 +0200
Tom? Prochzka [EMAIL PROTECTED] wrote:
Hello,
I use own PerlAuthenHandler module to verify users' login and password from
database.
For comparsion of password user entered and password stored in database is
crypt function used.
Here is the code:
my $real_pass = $d-[0][0]; # crypted password from database
my $salt = substr $real_pass,0,2; # salt
my $test_pass = crypt $sent_pw,$salt; # in $sent_pw is the password user
entered
if ($real_pass eq $test_pass) {
$r-subprocess_env(REMOTE_USER = $user);
return OK;
} else {
$r-note_basic_auth_failure;
return AUTH_REQUIRED;
}
Problem: Sometimes, although user entered correct password, is authentication
rejected. I tried logging values of $real_pass and $test_pass and they
differed. When I add line
$r-log_reason(User $user tested (.$real_pass./.$test_pass.)...,);
just before 'if' statement behavior is most of time correct.
Can anybody help me? Thanks.
Kacer
Hi,
It seems to be not a mod_perl related problem.
However, try with:
$test_pass = crypt $sent_pw,$real_pass;
This is what I tried first (it's common in examples). Results were terrible.
Kacer