PerlMonks  

Re: How to use salt with CGI::Application::Plugin::Authentication

by scorpio17 (Monsignor)
on May 10, 2011 at 15:13 UTC (#903995)


in reply to How to use salt with CGI::Application::Plugin::Authentication

I've never seen anyone store salts in a separate table - that's pretty weird. The salt is normally appended to the password, and the two stored together in the same table column.

So, what you would normally see looks more like this:

    __PACKAGE__->authen->config(
        DRIVER => [
            'DBI',
            DBH         => $dbh,    # provide your own DBI handle
            TABLE       => 'user',
            CONSTRAINTS => { 'user.name' => '__CREDENTIAL_1__' },
            COLUMNS     => { 'crypt:password' => '__CREDENTIAL_2__' },
        ],
    );

Note that there's only one table, so there's no need for a join, but since the password is encoded, you need a 'COLUMNS' field.

But what you really want is MD5 encryption. To do that, you need to write a custom filter using Crypt::PasswdMD5, call it cryptmd5, then use it like this:

    __PACKAGE__->authen->config(
        DRIVER => [
            'DBI',
            DBH         => $dbh,    # provide your own DBI handle
            TABLE       => 'user',
            CONSTRAINTS => { 'user.name' => '__CREDENTIAL_1__' },
            COLUMNS     => { 'cryptmd5:password' => '__CREDENTIAL_2__' },
            FILTERS     => { cryptmd5 => \&cryptmd5_filter },
        ],
    );

Implement cryptmd5_filter just like crypt_filter (see the CGI::Application::Plugin::Authentication::Driver::Filter::crypt source), only replace crypt() with unix_md5_crypt(). I think that will do what you want.
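
Added example, not part of the post above and not the plugin's own code: how one password column can carry a different salt for every account when hashing with unix_md5_crypt(), and how the stored value alone is enough to verify a login. The helper names (new_salt, hash_password, verify_password), the use of /dev/urandom and the sample accounts are assumptions made for the illustration; unix_md5_crypt is used only because the post names it, and the same layout applies to any crypt-style scheme.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Crypt::PasswdMD5 qw(unix_md5_crypt);

# Hypothetical helper: build a fresh 8-character salt for one account.
# Assumes a Unix-like host that provides /dev/urandom.
sub new_salt {
    my @alphabet = ( '.', '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z' );
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    read( $fh, my $bytes, 8 ) == 8 or die "short read from urandom";
    close $fh;
    return join '', map { $alphabet[ ord($_) % 64 ] } split //, $bytes;
}

# Account creation: the returned string "$1$<salt>$<digest>" goes into the
# single password column, so the salt and the hash are stored together.
sub hash_password {
    my ($plain) = @_;
    return unix_md5_crypt( $plain, new_salt() );
}

# Login: hand the stored value to unix_md5_crypt as its salt argument. It
# extracts the salt from that string, so the right password reproduces it.
sub verify_password {
    my ( $plain, $stored ) = @_;
    return 0 unless defined $stored
        && $stored =~ m!^\$1\$[./0-9A-Za-z]{1,8}\$!;
    my $candidate = unix_md5_crypt( $plain, $stored );
    return 0 unless length($candidate) == length($stored);
    my $diff = 0;    # compare every character, no early exit on mismatch
    $diff |= ord( substr( $candidate, $_, 1 ) ) ^ ord( substr( $stored, $_, 1 ) )
        for 0 .. length($stored) - 1;
    return $diff == 0 ? 1 : 0;
}

# Constructed sample data: two accounts that share one password.
my %user = map { $_ => hash_password('correct horse') } qw(alice bob);
print "$_: $user{$_}\n" for sort keys %user;
print "same column value? ", ( $user{alice} eq $user{bob} ? "yes" : "no" ), "\n";
print "alice good login: ", verify_password( 'correct horse', $user{alice} ), "\n";
print "alice bad login:  ", verify_password( 'wrong guess',   $user{alice} ), "\n";
```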


Re^2: How to use salt with CGI::Application::Plugin::Authentication
by Anonymous Monk on May 11, 2011 at 23:36 UTC
    I want to use a different salt for each account. The salt *is* eventually appended to the password but stored separately. Storing them in a different table instead of a different column was just an added (perhaps unnecessary) security step.

    Thanks for your suggestion. I have been trying it out. The 'Columns' has been added but as of yet, I haven't been able to get the sub cryptmd5_filter working.
