auth_http - Password always different
nsclick at gmx.de
nsclick at gmx.de
Mon Dec 23 11:47:11 UTC 2019
Hello,
I'm trying to use "auth_http" to handle the authentication for SMTP.
The auth script itself is a PHP script. At the beginning of the script I'm doing the following (just for testing!!! The passwords will not be logged later):
if( !isset($_SERVER["HTTP_AUTH_USER"]) || !isset($_SERVER["HTTP_AUTH_PASS"]) )
{
// User or Password are NOT set.
fail("Invalid user or password");
}
$username = $_SERVER["HTTP_AUTH_USER"];
$userpass = $_SERVER["HTTP_AUTH_PASS"];
$protocol = $_SERVER["HTTP_AUTH_PROTOCOL"];
$fd=fopen('php_mail.log', 'a');
fputs($fd, "User: [".$username."] Protocol: [".$protocol."] Pass: [".$userpass."]\n");
fclose($fd);
However, the passwords I see in the log are different all the time for the same user.
Often they consist of 32 hexadecimal digits (but never the same combination) or sometimes they are simply the username with brackets around.
For my understanding the received password should be the same all the time, because otherwise I cannot check the user credentials.
Is there a problem with my understanding or do I miss something?
Thanks,
Thomas
More information about the nginx
mailing list