
Is it possible to pre-load a bunch of users to a protected directory?

Discussion in 'Plesk for Linux - 8.x and Older' started by SacAutos, Aug 12, 2005.

  1. SacAutos

    I've got a website where the customer has a long list of users (several hundred) that are to have protected-directory access to a section of the site. I've been managing it with a separate htaccess file outside of Plesk but I'd rather bring it in so they can manage it through the control panels. Is there a way to pre-load the users and passwords in by going directly to the MySQL tables? I've found protected_dirs and pd_users as relevant tables but no place where the passwords are stored. Perhaps somebody knows more about this?

    [Running Plesk 7.5.2 on FC2]
     
  2. SacAutos

    Found an answer but still have troubles

    Well, since nobody else jumped in on this one, I'll help by answering it myself. Thanks to some help from sw-soft, I was directed to this URL:

    http://download1.sw-soft.com/Plesk/Plesk7.5/Doc/plesk-7.5r-sdk-html/docs/cu/unix/ch10.html

    It describes using the command prompt to invoke a script that adds users. Since I had 770 of them, this was quite helpful for the most part.

    However, I've been bitten by another problem. This has to do with PSA's refusal to allow passwords that are four characters in length (or shorter). I can understand this as a security matter; but I really need to be able to override this. Why? Because the passwords that the client has assigned for the user ids are people's last names. It's really embarrassing trying to explain to folks why it worked fine on the "old system" and why it won't work now.

    Isn't there some way to get around this arbitrary behavior by PSA? I plead for mercy...
     
  3. jamesyeeoc

     
    First, I personally do not see a problem in telling clients that it is in their own best interests to have longer, more secure passwords. In this day and age, they generally accept this.

    As to a possible workaround, once the information is processed by Plesk, there are entries made in the psa database. You have already found the username; here is where the password is linked to:

    For the username:
    Database: psa
    Table: pd_users
    Field: login = username
    Field: account_id linked to accounts.id

    For the matching password:
    Database: psa
    Table: accounts
    Field: id = pd_users.account_id
    Field: password (plain text)

    But even manually changing the database will not help you. The information you originally enter is then put into a file kept in:

    /home/httpd/vhosts/domain.com/pd

    For example, if you protect directory 'test', then the filename will be "d..test". If you look in this file, you will see line entries corresponding to each user/pwd combination. The username is clear text, the password is encoded.

    This is the file which Apache refers to when authenticating the user's access. The database maintained by Plesk is not accessed by Apache.

    So you would have to encode your own 4 character passwords and put them into this file.

    The rest I leave to you to figure out, i.e. figuring out the encoding of the passwords. Again, I do not personally agree with allowing clients to have the choice of using short or 'easy' passwords. I like having more security, not less.

    I almost forgot, I realize this does not get around the built-in length limit of the control panel, but their scripts are encoded, not open source, so I do not believe there is a way to modify their scripts to allow less than 5 character passwords. I am just giving additional information for you as a possible workaround. Like if you were to create your own management script and add it as a custom script/button to the control panel.
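
A pre-load check for the bulk import discussed in this thread, added here as an example and not code from any of the posters or from Plesk: it flags passwords that fall under the five-character minimum mentioned above or that are built from the user's own name, and reissues random ones before the list goes anywhere near the control panel. The CSV column names, the helper names and the sample rows are constructed assumptions.

```python
import csv
import io
import secrets
import string

MIN_LEN = 5  # per the thread: four characters or fewer are refused

# Constructed sample list: login, last name, client-assigned password.
SAMPLE = """login,last_name,password
jsmith,Smith,Smith
ablack,Black,black1
tlee,Lee,Lee
mgarcia,Garcia,k7#Qp2vX9w
"""

ALPHABET = string.ascii_letters + string.digits


def audit(row):
    """Return the reasons a row's password should not be loaded as-is."""
    pw = row["password"]
    reasons = []
    if len(pw) < MIN_LEN:
        reasons.append("too short")
    low = pw.lower()
    # Skip empty fields so a blank last name does not match everything.
    if any(t and t.lower() in low for t in (row["last_name"], row["login"])):
        reasons.append("derived from name")
    return reasons


def new_password(length=12):
    """Random replacement drawn from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def prepare(csv_text):
    """Return (login, password) pairs to load and (login, reasons) reissued."""
    to_load, reissued = [], []
    for row in csv.DictReader(io.StringIO(csv_text)):
        reasons = audit(row)
        password = new_password() if reasons else row["password"]
        if reasons:
            reissued.append((row["login"], reasons))
        to_load.append((row["login"], password))
    return to_load, reissued
```

The `reissued` list is what gets handed back to the client so each affected user can be told their new password.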
     