At registration, a user's password is encrypted by php's md5 and stored
in a client login table.
On login, the client's password as provided in a login form, is run
through md5 ha****ng and submitted to the server for authentication.
Pretty standard stuff!
BUT authentication always fails.
To get a grip on this, I set up a record with a specific password. For
some reason I cannot understand, the md5 hash written into postgresql
does not correspond with the echoing back of the hash at login attempts.
In both instances, the ha****ng is consistent.
The login is performed under ssl. Changing it to run under http makes no
difference - the ha****ng remains the same.
The data base provides a character varying(32) column for the hashed
password.
Can someone help me out of this morass???
Much appreciated!
--
Sent via pgsql-novice mailing list (pgsql-novice@[EMAIL PROTECTED]
)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-novice
