[TYPO3-core] RFC: Feature integrated, #7241, Superchallenged MD5 support in felogin
Steffen Ritter
info at rs-websystems.de
Fri Jan 25 13:26:57 CET 2008
Hello,
sorry for taking long time to do your requested Changes.
I attached the patch for felogin in Trunk Rev. 2944 (because SVN is not
working at the moment) without an own service. The minimalistic changes
needed in t3lib_userauth are attached in patch update #7189.
As soon as SVN works again, I will publish patch against current trunk.
Greetings from Aachen
Steffen
Steffen Ritter schrieb:
> Well,
> kb_md5pw sv checks if uident is correct (as normal authservice with
> compareUident from t3lib_userauth) and after it if challenge code is
> known from database.
> we can come through without having an own authservice, if we change
> t3lib.userauth, function compareUident.
> At the moment there's not differed between challenged and
> superchallenged. We may create an own bevhavoiur for superchallenged and
> get rid of own service... So that correct uid is only returned if
> challenge code is known from database.
> Another point we could act at is the service sv_auth itself. There the
> Modifications, the new service takes care of can also be integrated (if
> T3Conf is set to superchallenged).
> What do you think is the better position to work at?
> For me it t3lib_userauth itself, if the mods do not affect login in the
> backend.
>
> Greetings
>
>
>
> Steffen Ritter schrieb:
>> Okay,
>>
>> user_getChallenge.php is only needed if you want to build your own
>> Loginbox with Typoscript. It's the possibility to include the
>> challenge code. We may leave it out, but it's typic behavoiur to build
>> TS-Loginboxes, and if it's a core feature there should be a
>> possibility provided to include superchallenged Login with TS. I will
>> think about another solution.
>> About the auth service I will have a detailed look, if we can have it
>> without overwriting it.
>>
>> Steffen
>>
>> Steffen Kamper schrieb:
>>> "Steffen Ritter" <info at rs-websystems.de> schrieb im Newsbeitrag
>>> news:mailman.1.1201016340.32120.typo3-team-core at lists.netfielders.de...
>>>> Hello,
>>>> I'm sorry about that.
>>>> I just used TortoiseSVN to build patch against the folder.
>>>> Since I'm using it not for long time, I did not know that there is no
>>>> warning if files have been updatet on server when I update the trunk
>>>> (while my files are changed).
>>>> I copied my changes into the current trunk version and again made a
>>>> diff, this time, calling from root.
>>>> I hope I did right this time.
>>>>
>>>> so far
>>>>
>>>> Steffen
>>>>
>>> once again :-)
>>>
>>> two files are double in your patch
>>> - user_getChallange.php
>>> - class.tx_felogin_sv1.php
>>>
>>> I don't know if it's really good to overwrite the auth-service. If
>>> this don't work with the original one, this has to be improved,
>>> because user_auth supports superchallenged.
>>>
>>> vg Steffen
>>>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: felogin-trunk2944-2.diff
Url: http://lists.netfielders.de/pipermail/typo3-team-core/attachments/20080125/591c6150/attachment.txt
More information about the TYPO3-team-core
mailing list