| From: | "William Harazim" <wharazim(at)fulcoinc(dot)com> |
|---|---|
| To: | <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Manually authenticating users in pg_shadow |
| Date: | 2004-01-28 01:46:10 |
| Message-ID: | A1CC9E8EDC33E74C84357A70D46C35C148CA01@barracuda.denville.fulcoinc.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Ahh, the password || username format of the stored password was the problem. Incidentally, for anyone else not having the md5() function (is that new to 7.5dev?) I was able to accomplish the same thing using
'md5' || encode( digest(password || username, 'md5'), 'hex' )
Thanks!
-----Original Message-----
From: Tom Lane [mailto:tgl(at)sss(dot)pgh(dot)pa(dot)us]
Sent: Tuesday, January 27, 2004 7:55 PM
To: William Harazim
Cc: pgsql-general(at)postgresql(dot)org
Subject: Re: [GENERAL] Manually authenticating users in pg_shadow
"William Harazim" <wharazim(at)fulcoinc(dot)com> writes:
> Is there a way, having a user entered username and password, to select a si=
> ngle row from pg_shadow which is using md5 password encryption?
I think what you need to know is that the stored passwd field is formed
thus:
'md5' || md5(password || username);
Substitute this for your crypt() call and you're set. Don't think you
need the separate step to extract salt (you didn't need it before
either, really).
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Brendan Jurd | 2004-01-28 01:48:26 | Update Default (was: Touch row ?) |
| Previous Message | Jerome Lyles | 2004-01-28 01:08:23 | Re: Permission Problems:-)? |