[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date ][Minivend by thread ]

Re: [mv] remoteuser password

To: minivend-users@minivend.com
Subject: Re: [mv] remoteuser password
From: John Beima <jbeima@palb.com>
Date: Thu, 18 May 2000 01:08:26 -0600
In-Reply-To: <Pine.BSF.4.21.0005171637450.89878-100000@Rigel.orionsys.com>
References: <Pine.BSF.4.21.0005171637450.89878-100000@Rigel.orionsys.com>
Reply-To: minivend-users@minivend.com
Sender: owner-minivend-users@minivend.com
User-Agent: IMP/PHP3 Imap webMail Program 2.0.11

******    message to minivend-users from John Beima <jbeima@palb.com>     ******

Actually David NOCRYPT is in the catalog.cfg file, and 
if I am resonably sure it is ion the Minivend 
Documentation.

John Beima


Quoting David Babler <dbabler@rigel.orionsys.com>:

> ******    message to minivend-users from David Babler
> <dbabler@Rigel.orionsys.com>     ******
>
>
>
> On Wed, 17 May 2000, Mike Heins wrote:
>
> > > ...Some reference somewhere that you can use 
htpasswd
> > > to generate passwords would be handy. In a 
production environment,
> having
> > > all new catalogs showing up with exactly the same 
password wouldn't be
> > > good. <G>
> >
> > That is why the prompt says:
> >
> > NOCRYPT
> > .
>
> [snip]
>
> Sorry if I'm being dense, but there still seems to be 
a problem because
> this help text isn't presented when building the 
'simple' catalog, though
> it is in the config/additional_help file. There is no 
'NOCRYPT' key in the
> config/additional_fields file - the key there is 
called CRYPTPW, which
> says that 1 encrypts and 0 doesn't.
>
> > If you set this to 0, passwords will be encrypted in 
the user
> > database. If you set this to anything other than 
zero or a blank
> > value, passwords will not be encrypted and will be 
readable in
> > the user database. You can build encrypted passwords 
with
> > the htpasswd command, or other means.
>
> If I use something else to hash the passwords, say 
MD5, how do I specify
> that?
>
> But something is still odd here. After creating a new 
catalog based on
> 'simple' and directly entering a password string 
generated by htpasswd for
> the superuser, I could finally get superuser access 
while the UserDB
> parameter specified using encryption. After that I 
logged off the
> superuser, I logged back in and created a normal user 
account and placed a
> test order. That too worked okay, but now it is 
refusing to accept the
> original password for the superuser. Looking thru the 
useredb.db file, I
> do not see the original password string for the 
superuser, though I did
> NOT change it! The new user's password *is* encrypted, 
though. Now what?
>
> Does the 'load configuration' command in minimate 
reinstall the
> remoteuser's original password in the userdb?
>
>
> -Dave
>
> -
> To unsubscribe from the list, DO NOT REPLY to this 
message.  Instead, send
> email with 'UNSUBSCRIBE minivend-users' in the body to
> Majordomo@minivend.com.
> Archive of past messages: 
http://www.minivend.com/minivend/minivend-list
> 
-
To unsubscribe from the list, DO NOT REPLY to this message.  Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list

Follow-Ups:
- Re: [mv] remoteuser password
  - From: David Babler <dbabler@rigel.orionsys.com>

References:
- Re: [mv] remoteuser password
  - From: David Babler <dbabler@rigel.orionsys.com>

Prev by Date: Re: [mv] some minivend math (the last message needs a patch...)
Next by Date: Re: [mv] Undefined catalog: /cgi-bin/kucera -- solved
Prev by thread: Re: [mv] remoteuser password
Next by thread: Re: [mv] remoteuser password
Index(es):
- Date
- Thread