[horde] Logging into Horde - Current HEAD release

Mike Cochrane mike at graftonhall.co.nz
Mon Aug 11 00:18:43 PDT 2003


> ----- Message from kangus at acats.com ---------
>
> I have fought this long enough:
>
> 1. The overview from Mike Cochrane shows the user table as having a 'host'
> column but the database creation DDL scripts with the current HEAD of Horde
> does not have the column (field) 'host' in the horde_user table.

I guess you are refering to this part:

REPLACE INTO user (host, user, password)
    VALUES (
        'localhost',
        'horde',
  -- IMPORTANT: Change this password!
        PASSWORD('horde')
    );

This is refering the the mysql user table, not the horde_user table.

> 2. The auth_initial_user.sql does: INSERT INTO horde_users (user_uid,
> user_pass) VALUES ('admin', '21232f297a57a5a743894a0e4a801fc3'); ... is the
> password value $encrypted_data = mcrypt_generic($td, $message); or MD5 or
> 'PASSWORD' or Horde_Cipher::factory('blowfish'); encrypted?

The above script added a user with login of 'admin' and password of 'admin' to
the horde_users database using md5 encryption.

MD5 is the default for horde's sql authentication. mysql's password nor blowfish
are supported. see horde/lib/auth/sql.php for what hash algorithms are
available.

> Shouldn't there be an INSERT statement for each of the TWO ways that
> Secret.php encrypts and decrypts?
Secret.php has nothing to do with authentication.

> While trying to create a user I get the 'White' screen of death after
> submitting my information and nothing is written to the database -- of
> course I can not tell if Horde can get to my database!
Check your logs of any errors.

- Mike :-)




More information about the horde mailing list