[jdev] MD5 auth problem
Ulrich Staudinger
us at activestocks.de
Thu May 25 04:48:08 CDT 2006
Norman Rasmussen schrieb:
> On 5/25/06, Ulrich Staudinger <us at activestocks.de> wrote:
>
>> has someone a good solution how to reuse an existing community site with
>> md5'd passwords with a jabber server?
>
>
> reading http://www.ietf.org/rfc/rfc2831.txt section 3.9:
>
> if you change the existing password storage from
> md5({ passwd })
> to store
> md5({ username-value, ":", realm-value, ":", passwd })
> then you can use that value during digest-md5 sasl auth.
>
> This does mean some migration for user's passwords (they'll all have
> to enter their current password to start using the jabber services -
> backend could check old md5(pwd) hash, and compute and store new
> md5(name:realm:pwd) hash)
>
Actually i thought about that process, too. But considering i have a
small number of users already, i don't want to bother them with retyping
their password.
Cheers,
Ulrich
-------------- next part --------------
A non-text attachment was scrubbed...
Name: us.vcf
Type: text/x-vcard
Size: 329 bytes
Desc: not available
URL: <https://www.jabber.org/jdev/attachments/20060525/20f51d45/attachment-0002.vcf>
More information about the JDev
mailing list