Skip site navigation (1) Skip section navigation (2)

Authenticate with hash instead of plaintext password?

From: Murray Cumming <murrayc(at)murrayc(dot)com>
To: pgsql-general(at)postgresql(dot)org
Subject: Authenticate with hash instead of plaintext password?
Date: 2012-12-16 15:54:30
Message-ID: 1355673270.18581.7.camel@murrayc-ThinkPad-X220 (view raw or flat)
Thread:
Lists: pgsql-general 
libpq lets me open a connection by specifying a password:
http://www.postgresql.org/docs/9.2/static/libpq-connect.html#LIBPQ-PARAMKEYWORDS

Is there any way to specify a hash of the password when connecting, instead of 
providing the password itself? My Web UI asks the user for a PostgreSQL 
username and password, and I want to avoid asking the user for the 
password again later, as long as they have the browser cookie that I set.

I've looked at the source of phpPgAdmin, which should deal with the same issue, 
but that seems to store the plaintext password in the session, which might even
mean that the plaintext password ends up on disk, though I don't know enough about 
PHP to be sure.

I understand that libpq already sends only an MD5 hash to the 
PostgreSQL server, when it's configured to use MD5 authentication. 
But I don't want to have to provide a plaintext password to libpq.


-- 
murrayc(at)murrayc(dot)com
www.murrayc.com
www.openismus.com

Responses

pgsql-general by date

Next:From: aasatDate: 2012-12-16 16:01:12
Subject: How to remove n-first elements from array?
Previous:From: Andres FreundDate: 2012-12-16 13:03:21
Subject: Re: Default timezone changes in 9.1

Privacy Policy | About PostgreSQL
Copyright © 1996-2013 The PostgreSQL Global Development Group