[Twisted-Python] Authentication with Perspective Broker and hashed password file
Tommi Virtanen
tv at twistedmatrix.com
Sat Feb 12 01:34:10 MST 2005
Dave Cook wrote:
> Failure: twisted.cred.error.UnhandledCredentials: No checker for
> twisted.spread.interfaces.IJellyable,
> twisted.cred.credentials.IUsernameHashedPassword,
^^^^^^
> twisted.cred.credentials.ICredentials,
> twisted.spread.pb.IUsernameMD5Password
^^^^^^^^^^^^^^^^^^^^
>
> However, if I use plaintext passwords, it works fine.
>
> I'm working with the example in the book:
>
> http://twistedmatrix.com/documents/current/howto/pb-cred#auto7
>
> with the credential checker set to
>
> import sha
> myChecker = checkers.FilePasswordDB("my_hashed_passwd_file",
> hash =
> lambda u, p, h: sha.new(p).hexdigest())
Locally hashing the password only works when the password is transferred
over the wire in plaintext.
PB uses a challenge-response authentication, which by it's nature
requires you to store passwords in plaintext.
You need a checker for IUsernameHashedPassword. FilePasswordDB is one,
as long as you don't pass it the argument hash.
More information about the Twisted-Python
mailing list