Bug #43793 for Catalyst-Plugin-Authentication: bug report for Catalyst::Authentication::Credential::Password

Mon Mar 02 18:03:57 2009 rigon_w [...] yahoo.com - Ticket created

Subject:	bug report for Catalyst::Authentication::Credential::Password
Date:	Mon, 2 Mar 2009 13:16:59 -0800 (PST)
To:	bug-Catalyst-Plugin-Authentication [...] rt.cpan.org
From:	wang ligang <rigon_w [...] yahoo.com>

Hi, I am using Catalyst and trying to use Catalyst::Authentication::Store::Htpasswd to do the authentication. In my main module: use Catalyst qw/-Debug ConfigLoader Static::Simple StackTrace Session Session::Store::FastMmap Session::State::Cookie Authentication Authorization::Roles /; __PACKAGE__->config->{'Plugin::Authentication'} = { default_realm => 'admins', admins => { credential => { class => 'Password', password_field => 'password', password_type => 'crypted' }, store => { class => 'Htpasswd', file => 'root/pass/htpasswd.file' } } }; When I run: if ($c->authenticate({ username => $username, password => $password } , 'admins' )) { it doesn't authenticate, and give you error: "you must provide a new password", which I tracked it down, it is in Authen::Htpasswd::User module. I wonder why it happens: Finally I find the module Catalyst::Authentication::Credential::Password is an issue. in short, when I call $c->authenticate, it call authenticate() in this module, then call check_password in this module, and stuck in this line my $storedpassword = $user->get($self->_config->{'password_field'}); --------- pieces of Stack Trace root/lib/site_perl/5.8.8/Authen/Htpasswd/User.pm line 142 Authen::Htpasswd::User::password('Authen::Htpasswd::User=HASH(0xad13b48)') called at root/lib/site_perl/5.8.8/Catalyst/Authentication/User.pm line 50 Catalyst::Authentication::User::get('Catalyst::Authentication::Store::Htpasswd::User=HASH(0xad13a88)', 'password') called root/lib/site_perl/5.8.8/Catalyst/Authentication/Credential/Password.pm line 67 ---------- I managed to patch the code as: my $storedpassword = $user->get('hashed_password'); then works fine, it is because in Authen::Htpasswd::User module, the password field is null, hashed_password is valid value. Here is dumped variable. '_user' => bless( { 'autocommit' => 1, 'check_hashes' => $VAR1->{'_store'}{'file'}{'check_hashes'}, 'encrypt_hash' => 'crypt', 'file' => $VAR1->{'_store'}{'file'}, 'hashed_password' => 'xxx', 'username' => 'xxxx' }, 'Authen::Htpasswd::User' Catalyst::Authentication::Store::Htpasswd::User For the rest info. ~/perllocal/perl -v This is perl, v5.8.8 built for i686-linux uname -a Linux honesty.encs.concordia.ca 2.4.21-58.ELsmp #1 SMP Tue Nov 4 11:47:13 EST 2008 i686 i686 i386 GNU/Linux the module is latest Catalyst-Plugin-Authentication-0.10010.

Mon Mar 02 18:09:26 2009 bobtfish [...] bobtfish.net - Correspondence added

Subject:	Re: [rt.cpan.org #43793] bug report for Catalyst::Authentication::Credential::Password
Date:	Mon, 2 Mar 2009 23:09:08 +0000
To:	bug-Catalyst-Plugin-Authentication [...] rt.cpan.org
From:	Tomas Doran <bobtfish [...] bobtfish.net>

On 2 Mar 2009, at 23:03, rigon_w@yahoo.com via RT wrote: Show quoted text

> 'admins', > admins => { > credential => { > class => 'Password', > password_field => 'password', > password_type => 'crypted'

<snip> Show quoted text

> my $storedpassword = $user->get($self->_config->{'password_field'});

<snip> Show quoted text

> my $storedpassword = $user->get('hashed_password');

If you set 'password_field' to 'hashed_password' in your config, and $c->authenticate({ user => $user, hashed_password => $password }), then everything will work as you expect. Cheers t0m

Mon Mar 02 18:09:26 2009 The RT System itself - Status changed from 'new' to 'open'

Tue Mar 03 15:27:37 2009 bobtfish [...] bobtfish.net - Taken

Tue Mar 03 15:28:03 2009 bobtfish [...] bobtfish.net - Status changed from 'open' to 'resolved'