[Twisted-Python] Authentication with Perspective Broker and hashed password file

Tommi Virtanen tv at twistedmatrix.com
Sat Feb 12 03:34:10 EST 2005


Dave Cook wrote:
> Failure: twisted.cred.error.UnhandledCredentials: No checker for  
> twisted.spread.interfaces.IJellyable,
> twisted.cred.credentials.IUsernameHashedPassword,
                                     ^^^^^^
> twisted.cred.credentials.ICredentials,
> twisted.spread.pb.IUsernameMD5Password
                     ^^^^^^^^^^^^^^^^^^^^
> 
> However, if I use plaintext passwords, it works fine.  
> 
> I'm working with the example in the book:
> 
> http://twistedmatrix.com/documents/current/howto/pb-cred#auto7
> 
> with the credential checker set to
> 
> import sha
> myChecker = checkers.FilePasswordDB("my_hashed_passwd_file",
>                                     hash =
>                                     lambda u, p, h: sha.new(p).hexdigest())

Locally hashing the password only works when the password is transferred
over the wire in plaintext.

PB uses a challenge-response authentication, which by it's nature
requires you to store passwords in plaintext.

You need a checker for IUsernameHashedPassword. FilePasswordDB is one,
as long as you don't pass it the argument hash.




More information about the Twisted-Python mailing list