Support user_htpasswd= hash

abelbeckabelbeck
in Feedback
Hi,

In AstLinux we have an administration web interface with an exiting .htpasswd file for basic auth using lighttpd.

It would very nice if fop2.cfg could support htpasswd style hashes, possibly something like:
--
user_htpasswd = admin:X5fzxhp46gqCa:all
user_htpasswd = 1234:Xa7O93k.uQlGz:dial,transfer,pickup,meetme
--
(or some clever way to still use user= and signal a htpasswd hash)

In this way, we could easily generate the users with a #exec script.

Reasonable ?

Lonnie

Comments

  • nicolasnicolas
    There is no clever way right now to use hashed passwords. I do not remember the details, but it is not something simple to implement right now. FOP2 already uses/receives md5 hashed (and salted) passwords on the "wire", the salt changes on each action/request. So the hash sent via the string changes *every* time. .htpasswd can have different hashing algorithms specified so it is not something trivial at all to do.

    Best regards,
Sign In or Register to comment.

© Asternic Corp 2024