 |
|
Item4544: Document special format used in .htpasswd for email addresses
Priority: Normal
Current State: Closed
Released In: 1.1.3
Target Release: patch
Current State: Closed
Released In: 1.1.3
Target Release: patch
[08:28:59] <Lavr> SteffenPoulsen. Remember when you advice people to use the htpasswd utility that it deletes all email addresses from .htpasswd [08:29:22] <Lavr> Or at least from the entry to change [08:30:13] <SteffenPoulsen> ah yep - forgot that, good point :-) [08:30:17] <Lavr> I usually run the htpasswd utility on a new password file and then copy paste the result into the real one [08:31:05] <SteffenPoulsen> yes, me too .. wonder if there's a topic I could have pointed to on the procedure [08:32:07] <SvenDowideit> how about a commented out line that is added to the topof the .htpasswd file? [08:32:55] * CDot has joined #twiki [08:33:35] * marclaporte has joined #twiki [08:34:15] <Lavr> Yes when it is created. That would not be a bad idea. "Do not use htpasswd utility on this file. See "URL to t.o FAQ topic" [08:34:32] <SteffenPoulsen> pls go implement :-) [08:35:25] <SvenDowideit> please add bug item [08:35:42] <SvenDowideit> twikibot, make new bug? [08:35:51] <SteffenPoulsen> :-)-- TWiki:Main/SteffenPoulsen - 04 Sep 2007 Unsure about this, I don't think storing information directly in the .htpasswd file is an option (all entries are read and written on user updates, non-standard lines are lost in the process). Perhaps a simple thing like this would be OK (create an additional
.htpasswd.README file on creation time).
Index: lib/TWiki/Users/HtPasswdUser.pm
===================================================================
--- lib/TWiki/Users/HtPasswdUser.pm (revision 14913)
+++ lib/TWiki/Users/HtPasswdUser.pm (working copy)
@@ -123,6 +123,21 @@
sub _savePasswd {
my $db = shift;
+ unless (-e "$TWiki::cfg{Htpasswd}{FileName}" ) {
+ # Item4544: Add pointer to twiki.org topic on special format used in .htpasswd
+ umask( 077 );
+ open( FILE, ">$TWiki::cfg{Htpasswd}{FileName}.README" ) ||
+ throw Error::Simple( $TWiki::cfg{Htpasswd}{FileName}.
+ '.README open failed: '.$! );
+
+ print FILE "# TWiki uses a specially crafted .htpasswd file format that should not be\n";
+ print FILE "# manipulated using a standard htpasswd utility.\n";
+ print FILE "# (3rd-party utilities does not support the e-mail address format used).\n";
+ print FILE "# \n";
+ print FILE "# More information available at: http://twiki.org/cgi-bin/view/TWiki/HtPasswdFormat.\n";
+ close( FILE);
+ }
+
umask( 077 );
open( FILE, ">$TWiki::cfg{Htpasswd}{FileName}" ) ||
throw Error::Simple( $TWiki::cfg{Htpasswd}{FileName}.
If it is enough for this item, only todo is to create the twiki.org topic linked to.-- TWiki:Main.SteffenPoulsen - 17 Sep 2007 Confirmed, and applies to TWiki.org CC
Added a warning to UserAuthentication where it discusses sharing the .htpasswd file with other applications. Also updated HtPasswdUser to write the readme when creating a new .htpasswd file. -- GeorgeClark - 25 Mar 2011
ItemTemplate edit
| Summary | Document special format used in .htpasswd for email addresses |
| ReportedBy | TWiki:Main.SteffenPoulsen |
| Codebase | 1.1.3 beta1, 1.1.2, 1.1.1, 1.1.0, trunk |
| SVN Range | TWiki-4.2.0, Thu, 30 Aug 2007, build 14664 |
| AppliesTo | Engine |
| Component | Documentation, HtPasswdUser |
| Priority | Normal |
| CurrentState | Closed |
| WaitingFor | |
| Checkins | distro:5fa64c823780 distro:c1b4c21a8523 distro:3f6fdb2a5daf distro:afd470ad330a |
| TargetRelease | patch |
| ReleasedIn | 1.1.3 |
Edit | Attach | Print version | History: r12 < r11 < r10 < r9 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r12 - 16 Apr 2011, KennethLavrsen
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. 
Legal Imprint Privacy Policy
Legal Imprint Privacy Policy