The documentation describes the process of how to generate a salted password. However, the description on point 2 really makes it very difficult to follow. It is described that "same salting rules and hash method as MySQL authentication" should be used. Presumably, this is the method referenced. This method however utilizes SHA1, whereas emqx_auth_pgsql also supports other cryptographic algorithms. In addition, there is no description about how the salt enters the equation (presumably in place of the randomized 20-bit sequence).
This really needs to be improved. I still cannot wrap my head around how to generate hashed passwords and salts in order to make the plugin able to authenticate.
IMHO, the plugin should use the methods available for cryptography in PostgreSQL, i.e. the pgcrypto crypto method, specifically designed for managing cryptography for passwords.
The issue has to do with the hexstring method generating a lower-case string of the hash in hexadecimal. The hash in my database was upper-case, and the comparison is case-sensitive. This should really either be documented more carefully, or fixed!
Storing hashes in my database in lower-case solved my issue.
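The case mismatch described in the comment above, reproduced as an added example (not code from the plugin or from this thread). The function names are hypothetical, the rows are constructed, and the salt-before-password order is an assumption, since the page does not say how the salt is combined.

```python
import hashlib
import hmac


def hex_hash(password, salt="", algo="sha256", salt_first=True):
    """Lower-case hex digest of salt+password (assumed order; flip with salt_first)."""
    material = (salt + password) if salt_first else (password + salt)
    return hashlib.new(algo, material.encode("utf-8")).hexdigest()


def strict_match(stored, computed):
    """Case-sensitive comparison, as the comment reports; constant-time."""
    return hmac.compare_digest(stored.encode("utf-8"), computed.encode("utf-8"))


def normalise_stored(stored):
    """Canonical form to write to the table: trimmed, lower-case hex."""
    value = stored.strip().lower()
    if not value or any(c not in "0123456789abcdef" for c in value):
        raise ValueError("not a hex digest")
    return value


def audit(rows):
    """Usernames whose stored hash would fail a case-sensitive comparison."""
    return [user for user, stored in rows if stored != normalise_stored(stored)]


# Constructed sample rows: (username, stored hash). bob's was saved upper-case.
ROWS = [
    ("alice", hex_hash("secret", "s1")),
    ("bob", hex_hash("secret", "s2").upper()),
]

if __name__ == "__main__":
    for user, stored in ROWS:
        salt = "s1" if user == "alice" else "s2"
        computed = hex_hash("secret", salt)
        print(user, "as stored:", strict_match(stored, computed),
              "| normalised:", strict_match(normalise_stored(stored), computed))
    print("rows to rewrite:", audit(ROWS))
```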