#4398 enhancement new
PBServerFactory should support plain password credentials
|Reported by:||victorlin||Owned by:||Louis|
Due to the authentication method build-in in PBServerFactory, it is impossible to login with a plain password like this: factory.login(credentials.UsernamePassword("victor", "abc")). Therefore, I can't use a hashed password file at server side. Like this one: checkers.FilePasswordDB(htpasswordFile, hash=hashFunction). The server will said that there is no checker for the credentials.
Surely, it is not secure to send a plain password over internet, but how about through SSL? I think the PBServerFactory should support both plain and hashed authentication methods. Otherwise, it is also insecure to store passwords as plain text on server side.
Change History (18)
comment:9 Changed 4 years ago by
|Owner:||set to Louis|
|Status:||reopened → new|