Re: How to use salt with CGI::Application::Plugin::Authentication

by scorpio17 (Abbot)
on May 10, 2011 at 15:13 UTC (#903995)

in reply to How to use salt with CGI::Application::Plugin::Authentication

I've never seen anyone store salts in a separate table - that's pretty weird. The salt is normally appended to the password, and the two stored together in the same table column.

So, what you would normally see looks more like this:

    __PACKAGE__->authen->config(
        DRIVER => [ 'DBI',
            DBH         => $dbh,   # provide your own DBI handle
            TABLE       => 'user',
            CONSTRAINTS => { '' => '__CREDENTIAL_1__' },
            COLUMNS     => { 'crypt:password' => '__CREDENTIAL_2__' },
        ],
    );

Note that there's only one table, so there's no need for a join, but since the password is encoded, you need a 'COLUMNS' field.

But what you really want is MD5 encryption. To do that, you need to write a custom filter using Crypt::PasswdMD5, call it cryptmd5, then use it like this:

    __PACKAGE__->authen->config(
        DRIVER => [ 'DBI',
            DBH         => $dbh,   # provide your own DBI handle
            TABLE       => 'user',
            CONSTRAINTS => { '' => '__CREDENTIAL_1__' },
            COLUMNS     => { 'cryptmd5:password' => '__CREDENTIAL_2__' },
            FILTERS     => { cryptmd5 => \&cryptmd5_filter },
        ],
    );

Implement cryptmd5_filter just like crypt_filter (see the CGI::Application::Plugin::Authentication::Driver::Filter::crypt source), only replace crypt() with unix_md5_crypt(). I think that will do what you want.

Re^2: How to use salt with CGI::Application::Plugin::Authentication
by Anonymous Monk on May 11, 2011 at 23:36 UTC
    I want to use a different salt for each account. The salt *is* eventually appended to the password but stored separately. Storing them in a different table instead of a different column was just an added (perhaps unnecessary) security step.

    Thanks for your suggestion. I have been trying it out. The 'Columns' has been added but as of yet, I haven't been able to get the sub cryptmd5_filter working.
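
One way to write the cryptmd5_filter discussed in this thread, with a different salt per account kept inside the password column (an added example, not code from the thread or from the plugin). The ($param, $plain, $stored) argument order and the new_salt() helper are assumptions; check the argument order against the crypt filter source the first post points to.

```perl
use strict;
use warnings;
use Crypt::PasswdMD5 qw(unix_md5_crypt);

my @SALT_CHARS = ('.', '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z');

# Fresh 8-character salt for a new account. A salt must be unique per
# account, not secret, which is why it can live in the password column.
sub new_salt {
    return join '', map { $SALT_CHARS[ rand @SALT_CHARS ] } 1 .. 8;
}

# ASSUMED calling convention: ($param, $plain, $stored), i.e. the crypt
# filter's filter() arguments without the class name.
#   $param  - optional filter parameter, unused here
#   $plain  - password as typed by the user
#   $stored - current value of the password column ('$1$<salt>$<hash>'),
#             or undef when hashing a password for a new account
sub cryptmd5_filter {
    my ($param, $plain, $stored) = @_;
    return unless defined $plain;

    # unix_md5_crypt() pulls the salt out of a full '$1$salt$hash' string,
    # so the stored value can be handed back in as the salt argument.
    my $salt = (defined $stored && length $stored) ? $stored : new_salt();
    return unix_md5_crypt($plain, $salt);
}

# Constructed self-check; runs without the plugin or a database.
my $alice = cryptmd5_filter(undef, 'correct horse');   # new account
my $bob   = cryptmd5_filter(undef, 'correct horse');   # same password

die "not an MD5-crypt string\n" unless $alice =~ /^\$1\$[^\$]{8}\$/;
die "salts must differ per account\n" if $alice eq $bob;
die "right password rejected\n"
    unless cryptmd5_filter(undef, 'correct horse', $alice) eq $alice;
die "wrong password accepted\n"
    if cryptmd5_filter(undef, 'wrong horse', $alice) eq $alice;

print "stored value: $alice\n";
```

MD5-crypt is cheap to brute-force on current hardware and its author has declared it obsolete; the same filter shape works with a slower password hash in place of unix_md5_crypt().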
