Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By nj_tom on
Drupal 7 urgent help needed: I need to be able to use MD5 with no salt for integrating with tomcat jdbcRealm. I have already created 2 views, one for users and the other for roles and it works fine if I manually update the table password with an MD5 value. What I want is for drupal to store the values in MD5 with no salt rather than a value with it's own hashing algorithm. I am not very proficient in PHP and I need the code urgently for a client deliverable tomorrow. Please help !!!
Comments
Have a look at
Have a look at
I guess you only need to provide your own versions of those functions, changing the user_hash_password function to do whatever you want it to do.
Will anyone be kind enough to
Will anyone be kind enough to provide code for
user_hash_password(), user_check_password(), and user_needs_new_hash() to support only md5?
Hello! You have solved this problem?
Hello! You have solved this problem?
Here's an example
I just did something similar, hopefully this is useful for anyone who stumbles across this post
1. Create a new module, I called mine projectname_legacy_auth
2. add the authentication mechanisms you need to projectname_legacy_auth_password.inc'.
In this case, it's md5().
MD5 password.inc for Drupal7 (D7)
Hi
Below is a simple implementation I created today and seems to work fine after testing with some general user management cases.
To use this implementation you will have to set variable 'pasword_inc' in the variable table. See tools for doing that below.
Instructions:
A. Connecting the database
1. Use some DB browsing tool such as MySQLAdmin or Squirrel SQL to connect with the database.
2. Backup you DB just for in case
B. The cleanup before change
1. Clean all caches
2. Disable all caching.
3. Execute these SQL commands:
DELETE FROM cache WHERE cid = 'variables';
DELETE FROM cache_bootstrap WHERE cid = 'variables';
C. Adding the variable 'password_inc' to 'variable' table.
1. Note that the variable is not there by default
2. Note that variable value is: Hex representation of serialization of a String object that contains the text: "includes/mypassword.inc"
Accordingly simply do insert of this text into database will NOT WORK
3. To make it easy to insert new variables into database I prepared a simple "tools.php" file. For the purpose of this change you should put this file in the ROOT of your drupal website. After that REMOVE it from there.
The code for this tools.php:
==========
===========
4. To set the variable simply use this URL from your browser:
http://[YOUR DOMAIN]/tools.php?mode=set-var&name=password_inc&value=includes/mypassword.inc
If you see: "variable 'password_inc' was set to 'includes/mypassword.inc'
then your variable is ready.
D. Adding mypassword.inc
1. Get the code below and create file "mypassword.inc" (according to value you set for variable above) .
2. Copy this file into the 'includes' directory of your D7 installation
3. Basically you are ready to change passwords.
E. Testing and notes
1. The code for mypassword.inc does not automatically handle the migration and does not support backward compatibility! It means that after this change users can not login into the website.
2. You should either change passwords manually, or ask users to use the "Reset password" link for changing the password into MD5
3. During your test you may reach to 5 bad logins. You user will be blocked. You can free the user by executing this SQL:
"delete from flood;"
4. For debugging of change effect here is what you can do:
4.a of /modules/user/user.module file add these echo commands temporarily into function "user_authenticate":
4b. in mypassword.inc (or password.inc) open echo commands for function " user_check_password "
4c. To see the message you should perform false logins with wring user password. If MD5 is active you will see passwords thatlooks like this: "53dbdb1102881c10fd095fc66e109a04" . If default D7 password.inc is active you will keep seeing passwords that looks like this:
$S$ChH36JXn4yz8.HHZxv.emXbfIk7MfJvrBIPr/BspL/TuOYaxiyjr
5. Note that caching can mislead with results. Make sure that no caching is working when doing the change.
Finally here is the code for mypassword.inc
==============START OF FILE
==============END OF FILE
Hi Dude,
The function user_check_password() does not return any value. The variable $hash and $stored_hash values are echoed. Here is my function where I made few changes.
Please help me.