Ahh, the password || username format of the stored password was the problem. Incidentally, for anyone else not having
themd5() function (is that new to 7.5dev?) I was able to accomplish the same thing using
'md5' || encode( digest(password || username, 'md5'), 'hex' )
Thanks!
-----Original Message-----
From: Tom Lane [mailto:tgl@sss.pgh.pa.us]
Sent: Tuesday, January 27, 2004 7:55 PM
To: William Harazim
Cc: pgsql-general@postgresql.org
Subject: Re: [GENERAL] Manually authenticating users in pg_shadow
"William Harazim" <wharazim@fulcoinc.com> writes:
> Is there a way, having a user entered username and password, to select a si=
> ngle row from pg_shadow which is using md5 password encryption?
I think what you need to know is that the stored passwd field is formed
thus:
'md5' || md5(password || username);
Substitute this for your crypt() call and you're set. Don't think you
need the separate step to extract salt (you didn't need it before
either, really).
regards, tom lane
