PerlMonks  

Re: How to use salt with CGI::Application::Plugin::Authentication

by scorpio17 (Monsignor)
on May 10, 2011 at 15:13 UTC ( #903995=note )


in reply to How to use salt with CGI::Application::Plugin::Authentication

I've never seen anyone store salts in a separate table - that's pretty weird. The salt is normally appended to the password, and the two stored together in the same table column.

So, what you would normally see looks more like this:

    __PACKAGE__->authen->config(
        DRIVER => [ 'DBI',
            DBH         => $dbh,    # provide your own DBI handle
            TABLE       => 'user',
            CONSTRAINTS => { 'user.name' => '__CREDENTIAL_1__' },
            COLUMNS     => { 'crypt:password' => '__CREDENTIAL_2__' },
        ],
    );

Note that there's only one table, so there's no need for a join, but since the password is encoded, you need a 'COLUMNS' field.

But what you really want is MD5 encryption. To do that, you need to write a custom filter using Crypt::PasswdMD5, call it cryptmd5, then use it like this:

    __PACKAGE__->authen->config(
        DRIVER => [ 'DBI',
            DBH         => $dbh,    # provide your own DBI handle
            TABLE       => 'user',
            CONSTRAINTS => { 'user.name' => '__CREDENTIAL_1__' },
            COLUMNS     => { 'cryptmd5:password' => '__CREDENTIAL_2__' },
            FILTERS     => { cryptmd5 => \&cryptmd5_filter },
        ],
    );

Implement cryptmd5_filter just like crypt_filter (see the CGI::Application::Plugin::Authentication::Driver::Filter::crypt source), only replace crypt() with unix_md5_crypt(). I think that will do what you want.


Re^2: How to use salt with CGI::Application::Plugin::Authentication
by Anonymous Monk on May 11, 2011 at 23:36 UTC
    I want to use a different salt for each account. The salt *is* eventually appended to the password but stored separately. Storing them in a different table instead of a different column was just an added (perhaps unnecessary) security step.

    Thanks for your suggestion. I have been trying it out. The 'Columns' has been added but as of yet, I haven't been able to get the sub cryptmd5_filter working.
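
The storage layout discussed in this thread, with a different salt per account kept inside the stored hash string in one column, as an added example that is not code from the thread or from the plugin. The helper names new_salt and cryptmd5_check, the three-argument call shape, and a readable /dev/urandom are assumptions; how the plugin itself invokes a FILTERS callback is not shown on this page.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Crypt::PasswdMD5 qw(unix_md5_crypt);

# Hypothetical helper: 8 salt characters drawn from the OS random source.
# 256 is a multiple of 64, so "ord % 64" picks each character uniformly.
sub new_salt {
    my @alphabet = ( '.', '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z' );
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    read( $fh, my $bytes, 8 ) == 8 or die "short read from urandom";
    close $fh;
    return join '', map { $alphabet[ ord($_) % 64 ] } split //, $bytes;
}

# With no stored value: hash under a fresh salt (account creation).
# With a stored "$1$salt$digest" value: unix_md5_crypt() extracts the salt
# from it, so the same salt is reused and the results can be compared.
sub cryptmd5_filter {
    my ( $param, $plain, $stored ) = @_;
    my $salt = ( defined($stored) && length($stored) ) ? $stored : new_salt();
    return unix_md5_crypt( $plain, $salt );
}

# Hypothetical check: reject anything that is not an md5crypt string, so an
# empty or malformed column can never match a freshly salted hash.
sub cryptmd5_check {
    my ( $param, $plain, $stored ) = @_;
    return 0 unless defined($stored) && $stored =~ /^\$1\$[^\$]{1,8}\$/;
    return cryptmd5_filter( $param, $plain, $stored ) eq $stored ? 1 : 0;
}

# Constructed sample accounts: same password, one "password" column each.
my %user = map { $_ => cryptmd5_filter( undef, 'correct horse' ) } qw(alice bob);
printf "%-5s %s\n", $_, $user{$_} for sort keys %user;
print "hashes differ: ", ( $user{alice} ne $user{bob} ? "yes" : "no" ), "\n";
print "alice good pw: ", cryptmd5_check( undef, 'correct horse', $user{alice} ), "\n";
print "alice bad pw:  ", cryptmd5_check( undef, 'wrong',         $user{alice} ), "\n";
```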
