| From: | Molly Gibson <molly_gibson2002(at)yahoo(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | mod_auth_pgsql & encryption |
| Date: | 2003-09-22 15:01:10 |
| Message-ID: | 20030922150111.64113.qmail@web41809.mail.yahoo.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi all,
I have recently installed Apache/1.3.28 +
mod_auth_pgsql-0.9.12
(http://www.giuseppetanzilli.it/mod_auth_pgsql/)
The only way I have been able to get it to
successfully authenticate against my postgres (7.3.4)
database is to turn Auth_PG_encrypted off & have
encryption turned off in postgresql.conf. I am really
uncomfortable with the idea of having unencrypted user
passwords laying about, but if I try to use an
encrypted password from the database, I get 'password
mismatch'.
I have tried:
- setting Auth_PG_pwd_table to pg_shadow,
Auth_PG_encrypted to "on"; results in "password
mismatch" error
- setting Auth_PG_pwd_table to user_auth (table I
created--docs were not clear on wether you could use
an existing table such as pg_shadow),
Auth_PG_encrypted to "on", user passwords c&pd from
pg_shadow; results in "password mismatch"
- setting Auth_PG_pwd_table to user_auth,
Auth_PG_encrypted to "on", user passwords c&pd from a
separate md5 hash program; results in "password
mismatch"
- setting Auth_PG_pwd_table to user_auth,
Auth_PG_encrypted to "off", user passwords set in
plain text; works
- setting Auth_PG_nopasswd to "on", give user a blank
password; works
- (for verification) setting Auth_PG_pwd_table back to
pg_shadow, turn encryption off in postgresql.conf, set
user password to plain text, Auth_PG_encrypted to
"off"; works
I would really like to use the existing tables
(pg_shadow, pg_group) instead of maintaining a
separate set of tables for user logins & group
assignments, assuming I get the encryption part
figured out.
Anybody have any ideas how I could go about resolving
this or troubleshooting it further? It seems to me
there is a difference between postgres's encryption
and mod_auth_pgsql's encryption. Google turned up
only a few people who'd had the same problem (no
answers to it) and people who said they'd been using
mod_auth_pgsql for a while with no problems. ???
TIA
mol
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kathy Zhu | 2003-09-22 15:13:39 | Re: 'order by' does "wrong" with unicode-chars (german umlauts) |
| Previous Message | Shridhar Daithankar | 2003-09-22 14:36:56 | Re: OT: HEADS-UP: viral storm out there |