search for: encrypted_password

Hi, What''s the best way to hook into any changes made to the value of a single model attribute? I need to know when the encrypted_password attribute on my User model changes i.e. when the user has changed their password. I''m not interested in the actual changed value, I just need to know when it''s been changed so that I can regenerate their API key as well. Thanks in advance. John -- Posted via http://www.ruby-for...

...e thing. All convert_to_model does is calls to_model, which returns self (the ActiveModel instance). Am I missing something here? Why call a method that returns the same thing? @user => #<User id: 3, name: "dscdsf", email: "fgd-kX2TDLzHGmnQT0dZR+AlfA@public.gmane.org", encrypted_password: "", phone: "9544443456", address: "fvfdvf", reset_password_token: nil, reset_password_sent_at: nil, remember_created_at: nil, sign_in_count: 1, current_sign_in_at: "2011-09-27 17:01:45", last_sign_in_at: "2011-09-27 17:01:45", current_sign_in_ip: &...

I'm trying to understand the code around PAM support in auth2.c and auth2-chall.c. I'm working with the OpenSSH 3.7.1p2 sources on FreeBSD 4.x. The scenario I'm trying to make work is SSH login to a captive accout for users in a RADIUS database but whose login does not appear in /etc/passwd or getpwnam(). I understand that if the username is not found in getpwnam(), then the

...the following to defines.h #ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW # include <hpsecurity.h> # include <prot.h> #endif Modified auth-passwd.c (not the most elegant fix, assumed HP will not use MD5 passwds if trusted). Code below: #ifdef HAVE_MD5_PASSWORDS if (is_md5_salt(salt)) encrypted_password = md5_crypt(password, salt); else encrypted_password = crypt(password, salt); #else /* HAVE_MD5_PASSWORDS */ # ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW encrypted_password = bigcrypt(password, salt); # else encrypted_password = crypt(password, salt); #endif /* HAVE_HPUX_TRUSTED_SYSTEM_P...

...st just today to receive any replies/comments to this post. Apologies if this has been addressed before. man default(F), prpw(F), secdefs(ADM) *** auth-passwd.c-orig Wed Jul 4 00:21:15 2001 --- auth-passwd.c Wed Jan 2 14:17:21 2002 *************** *** 212,218 **** --- 212,222 ---- else encrypted_password = crypt(password, salt); # else + # ifdef HAVE_SCO_PROTECTED_PW + encrypted_password = bigcrypt(password, salt); + # else encrypted_password = crypt(password, salt); + # endif /* HAVE_SCO_PROTECTED_PW */ # endif /* __hpux */ #endif /* HAVE_MD5_PASSWORDS */ -- Roger Cornelius r...

...quot;) == 0 && strcmp(pw->pw_passwd, "") == 0) + success = (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) + if (auth_result(success) == 1) return 1; else { /* Encrypt the candidate password using the proper salt. */ char *encrypted_password = crypt(password, - (pw->pw_passwd[0] && pw->pw_passwd[1]) ? + (pw && pw->pw_passwd[0] && pw->pw_passwd[1]) ? pw->pw_passwd : "xx"); /* * Authentication is accepted if the encrypted passwords * are identical. */ - ret...

...ty_passwd == 0) - return 0; - return auth_sia_password(authctxt, password); + if (*password == '\0' && options.permit_empty_passwd == 0) { + retval=0 ; goto out; + } + retval=auth_sia_password(authctxt, password); + goto out; #else struct passwd * pw = authctxt->pw; char *encrypted_password; @@ -118,19 +123,23 @@ #endif /* deny if no user. */ - if (pw == NULL) - return 0; + if (pw == NULL) { + retval=0 ; goto out; + } #ifndef HAVE_CYGWIN - if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES) - return 0; + if (pw->pw_uid == 0 && options.p...

...sword") if crypted_password.blank? # end # Authenticates a user by their username name and unencrypted password. Returns the user or nil. def self.authenticate(username, crypted_password) login = find_by_username(username) # need to get the salt if login expected_password = encrypted_password(crypted_password, login.salt) if login.crypted_password != expected_password login = nil end end login end def password @password end def password=(pw) @password = pw create_new_salt self.crypted_password = User.encrypted_password(self.password, self.salt) end def rememb...

...word, :within => 5..40, :on => :create def before_create self.sha_password = User.encrypt(self.password) end def after_create @password = nil end private def self.encrypt(password) Digest::SHA1.hexdigest(password) end def self.login_user(username, password) encrypted_password = encrypt(password || "") find(:first, :conditions => ["username = ? and sha_password = ?", username, encrypted_password]) end def attempt_login User.login_user(self.username, self.password) end end -------------------------------------------- If I browse to...

...:conditions => ["e.deleted_yn=0 and e.username = ? and a.account_code = ?", username, account_code], :joins => "as e left outer join options o on e.id = o.employee_id left outer join accounts a on e.account_id = a.id ") if employee expected_password = encrypted_password(password, employee.salt) if employee.hashed_password != expected_password employee = nil end end employee end ------------- I keep getting an error saying "undefined method ''salt''". Any ideas? Thanks -- Posted via http://www.ruby-forum.c...

...- internal server error. I found problem in rubycas-server. It fails when try to hash password: (/opt/puppet/share/rubycas-server/lib/casserver/authenticators/sql_encrypted.rb) > def validate(credentials) > .... > encrypt_function = @options[:encrypt_function] || > ''user.encrypted_password == > Digest::SHA256.hexdigest("#{user.encryption_salt}::#{@password}")'' > ... > return eval(encrypt_function) # FAIL But in simple ruby script function *Digest::SHA256.hexdigest* works fine. I changed to *OpenSSL::Digest::SHA256.hexdigest* in rubycas-server and...

...f :name attr_accessor :password_confirmation validates_confirmation_of :password def validate errors.add_to_base("Missing password") if hashed_password.blank? end def self.authenticate(name, password) user = self.find_by_name(name) if user expected_password = encrypted_password(password, user.salt) if user.hashed_password != expected_password user = nil end end user end # ''password'' is a virtual attribute def password @password end def password=(pwd) @password = pwd create_new_salt self.hashed_passwo...

...connecting to other hosts. The bug is in the auth-passwd.c of pppd. Slackware has it's own (or just an another) version of shadow package (if I've understood the problem correctly) with it's own password encryption manner. I do not use stuff like Kerberos, PAM etc. As a result, the line encrypted_password=crypt(password,salt); creates an encrypted password that is different than the stored in /etc/shadow . I do not know the password encryption used in Slackware, but ssh (not OpenSSH) works fine. So, it is advisable for auth-passwd.c maintainer to connect to Slackware developers or to look to the ssh...

Hi, I'm having trouble with auth_password() failing on my linux box using yellow pages. I've tracked the problem down to the following: pw_password = "RMf.YivanoZc2,o01N" encrypted_password = "RMf.YivanoZc2" This fails on the return(strcmp(encrypted_password, pw_password) == 0). because crypt() only returns 13 characters. I seem to remember the ",o01N" having something to do with password expiration. The same problem exists in openssh-2.5.1p2. I've tried 2 di...

...gns(:user))) ActionController::RoutingError: No route matches {:action=>"show", :controller=>"users", :id=>#<User id: nil, name: "New User", email: "user-hcDgGtZH8xNBDgjK7y7TUQ@public.gmane.org", created_at: nil, updated_at: nil, encrypted_password: nil, salt: nil>} # ./spec/controllers/users_controller_spec.rb:102:in `block (4 levels) in <top (required)>'' The test specs are as follows: describe "success" do before (:each) do @attr = { :name => "New User" ,...

...ing User model has: =============== attr_accessor :password_confirmation validates_confirmation_of :password # ''password'' is a virtual attribute def password @password end def password=(pwd) @password = pwd create_new_salt self.hashed_password = User.encrypted_password(self.password, self.salt) end Controller ========== def create @user = User.new(params[:user]) if @user.save flash[:notice] = "User #{@user.name} was successfully created." redirect_to :action => ''new'' else flash[:notice] = "U...

Here is the code in question: describe UsersController do render_views … … describe "POST to ''create'' action" do describe "failure" do before(:each) do @attr = { :name => '''', :email => '''', :password => '''', :password_confirmation =>

...; t.text "author" t.datetime "created_at" t.datetime "updated_at" end create_table "users", :force => true do |t| t.string "email", :default => "", :null => false t.string "encrypted_password", :limit => 128, :default => "", :null => false t.string "password_salt", :default => "", :null => false t.string "reset_password_token" t.string "remember_token" t.datetime "remember_cr...

...[_a-z0 -9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0 -9-]+)*(\.[a-z]{2,4})$/i def validate errors.add_to_base("Missing Password") if hashed_password.blank? end def self.authenticate(username, password) user = self.find_by_username(username) if user expected_password = encrypted_password(password, user.salt) if user.hashed_password != expected_password user = nil end end user end def password @password end def password=(pwd) @password = pwd create_new_salt self.hashed_password = User.encrypted_password(self.password, self.salt)...

Anybody know why this: User.find(current_user).update_attribute(:last_subject, params[:subject_id]) results in this: AREL (0.6ms) UPDATE "users" SET "last_subject" = 4, "encrypted_password" = ''f470e6e76203973146c3b07e8b31c976b19cb23a9bf37485ad1911687cdc7a29'', "updated_at" = ''2011-10-12 13:43:21.727558'' WHERE "users"."id" = 9 For some reason it is updating more than just the :last_subject. Its also changing the u...