1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Do external login without knowing the password

Discussion in 'Sitebuilder 4.0 for Linux' started by adaniels, Jan 31, 2008.

  1. adaniels

    adaniels Guest

    0
     
    Currently to use external log, you need to know the password of the user. When the user is created you can generate one and save that. However this does not prevent the user from changing it through the admin panel or through 'forgot you password'.

    It would be much nicer if next to the password there was another was to redirect the user and log him in. A (safe) solution for this would be to have a secret key, which is combined with the user name to create an MD5 hash. This key is known sitebuilder as well as in the external software, however it is not known to the user.

    http://sitebuilder.example.com/external_login.php?Login=<?=$user?>&LoginHash=<?=md5($user.$secret_key)?>
     
Loading...