Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
Django users
Home
+ new post
About this group
Join this group
Message from discussion http auth using django auth_user table
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Cal Leeming [Simplicity Media Ltd]  
View profile  
 More options Jul 11 2011, 7:26 am
From: "Cal Leeming [Simplicity Media Ltd]" <cal.leem...@simplicitymedialtd.co.uk>
Date: Mon, 11 Jul 2011 12:26:45 +0100
Local: Mon, Jul 11 2011 7:26 am
Subject: Re: http auth using django auth_user table
Print | View thread | Show original | Report this message | Find messages by this author

On Mon, Jul 11, 2011 at 12:02 PM, Tom Evans <tevans...@googlemail.com>wrote:

> On Sun, Jul 10, 2011 at 2:30 PM, Cal Leeming [Simplicity Media Ltd]
> <cal.leem...@simplicitymedialtd.co.uk> wrote:
> > The only connection this question has with Django, is the encryption
> method
> > that Django uses, and therefore is inappropriate for this forum.
> > Please refer to http://code.djangoproject.com/wiki/UsingTheMailingList
> > On a site note, it took me less than 10 seconds on Google (with a very
> > simple search term - first result) to find the answer you needed, which
> > shows either lack of intuition or total laziness on your part.
> > Cal

> Wait what? The guy wanted to use Apache to prompt for basic auth,
> using django.contrib.auth as a datastore for usernames and passwords -
> why is it inappropriate to ask about extending Django's auth on a
> django user mailing list? I'm also surprised that you found the answer
> the OP needed in 10 seconds (and failed to link the OP to it), given
> that there is no direct solution AFAICT.

http://www.google.co.uk/search?hl=en&safe=off&q=auth_mysql+salt

And I quote:

http://modauthmysql.sourceforge.net/CONFIGURE

AuthMySQLSaltField <> | <string> | mysql_column_name

  Contains information on the salt field to be used for crypt and aes
  encryption methods.  It can contain one of the following:
    <>: password itself is the salt field (use with crypt() only)
    <string>: "string" as the salt field
    mysql_column_name: the salt is take from the mysql_column_name field in the
      same row as the password

I probably should have told OP how I found the information he needed, and
what steps to take (although the steps I took are explained in the wiki).
I'll ensure to do this next time.

I would also agree that my comments about it being "inappropriate" for this
mailing list were wrong, as although the connection between the question and
Django was loose, it is still a connection nevertheless. My apologies to the
OP on this.

> Far too many people are spending too much time on this mailing list
> discussing how to respond to users and what is proper to discuss on
> here, and finding the perfect stock answer to tell people to eff off,
> rather than actually trying to help them.

> OP: This is actually tricky to do. Apache's mod_authn_dbd expects the
> passwords to be in certain explicit formats[1], which do not
> correspond to how Django's django.contrib.auth package stores the
> passwords. As this blog post[2] explains, the issue is that apache
> does not take into account the salt used to secure the password
> hashes. You could try contacting the author of that post, as he has
> written his own way around it.

OP said he was using mod auth_mysql, not mod_authn_dbd..? Unless I have
misunderstood something??

> Cheers

> Tom

> [1] http://httpd.apache.org/docs/trunk/misc/password_encryptions.html
> [2] http://www.david-reid.com/cynic/2009/02/24/django-apache-auth/

> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google