[Cubicweb] Python module for Apache : how to use cubicweb.dbapi
Julien Cristau
julien.cristau at logilab.fr
Fri Sep 13 16:47:47 CEST 2013
On Fri, Sep 13, 2013 at 16:11:14 +0200, Dimitri Papadopoulos Orfanos wrote:
> Hi,
>
> I'm attempting to write an Apache authentication module that would
> use the CWusers of a CubicWeb instance.
>
>
> We had already discussed the following solution:
> * bypass CubicWeb,
> * directly connect to the PostgreSQL database associated to the
> CubicWeb instance,
> * read the "cw_login" and "cw_upassword" columns of the "cw_cwuser"
> PostgreSQL table,
> * understand the encoding of the "cw_upassword" column (SHA1?),
> * compare the password to the contents of the "cw_upassword" column.
>
> Note that essential information such as the encoding of the
> "cw_upassword" column is missing.
>
Nowadays cw_upassword is in crypt(3) format. So at least on Unix, you
could dump cw_login:cw_upassword in a htpasswd file, if your
apache/apr-util has
http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_passwd.c?r1=1358480&r2=1361811

Before that fix IIRC you need to drop the last character from the
cw_upassword for apache to accept it.

Julien
--
Julien Cristau <julien.cristau at logilab.fr>
Logilab http://www.logilab.fr/
Scientific computing & knowledge management
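
The htpasswd dump suggested in the reply above, as an added example that is not part of the original message or of CubicWeb: it formats (cw_login, cw_upassword) rows as htpasswd lines and skips logins containing ':' or control characters and values that do not look like crypt(3) output. The sample rows, the helper name `htpasswd_lines`, the `drop_last_char` switch (for the pre-fix workaround mentioned above) and the bytes handling are assumptions.

```python
import re

# Modular crypt ($id$...) or traditional 13-character DES crypt.
CRYPT_RE = re.compile(r"^(\$[0-9a-z]+\$[./0-9A-Za-z$=,]+|[./0-9A-Za-z]{13})$")
# htpasswd is line-oriented with ':' as separator; neither may occur in a login.
BAD_LOGIN_RE = re.compile(r"[:\x00-\x1f\x7f]")

# Constructed sample rows, standing in for the result of
#   SELECT cw_login, cw_upassword FROM cw_cwuser
SAMPLE_ROWS = [
    ("alice", b"$6$saltsalt$" + b"A" * 86),        # bytes, as a driver may return
    ("bob", "$6$saltsalt$" + "B" * 86),
    ("eve:admin", "$6$saltsalt$" + "C" * 86),      # ':' would shift the fields
    ("mallory\nroot", "$6$saltsalt$" + "D" * 86),  # newline would add a line
    ("carol", "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8"),  # hex digest, not crypt
    ("bob", "$6$othersalt$" + "E" * 86),           # duplicate login
]


def htpasswd_lines(rows, drop_last_char=False):
    """Return (lines, skipped); skipped holds (login, reason) pairs."""
    lines, skipped, seen = [], [], set()
    for login, upassword in rows:
        # Assumption: the column may arrive as bytes/memoryview.
        if isinstance(upassword, (bytes, bytearray, memoryview)):
            upassword = bytes(upassword).decode("ascii", "replace")
        if not login or BAD_LOGIN_RE.search(login):
            skipped.append((login, "unsafe login"))
        elif login in seen:
            skipped.append((login, "duplicate login"))
        elif not upassword or not CRYPT_RE.match(upassword):
            skipped.append((login, "not crypt(3) format"))
        else:
            if drop_last_char:  # workaround for Apache builds without the fix
                upassword = upassword[:-1]
            seen.add(login)
            lines.append(f"{login}:{upassword}")
    return lines, skipped


if __name__ == "__main__":
    lines, skipped = htpasswd_lines(SAMPLE_ROWS)
    print("\n".join(lines))
    for login, reason in skipped:
        print(f"skipped {login!r}: {reason}")
```

Write the returned lines to a file readable only by the web server account, since the hashes remain usable for offline guessing.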