[xquery-talk] Log users into existdb using md5 password (xquery)

Adam Retter adam.retter at googlemail.com
Thu Jun 20 08:26:27 PDT 2013 

Luca,

As this is a very eXist-db specific question can I ask you to re-post
this on the exist-open mailing list please? Here is not really the
correct forum for eXist specific questions...

On 20 June 2013 16:17, Luca Cervone <luca.cervone at unibo.it> wrote:
> Hi,
> I need to log users into existdb using xquery. Of course I can use this code:
>
> xquery version "3.0";
> declare namespace exist = "http://exist.sourceforge.net/NS/exist";
> declare namespace request="http://exist-db.org/xquery/request";
> declare namespace xmldb="http://exist-db.org/xquery/xmldb";
> declare option exist:serialize "method=json media-type=text/javascript";
>
> let $userName := request:get-parameter("userName", ())
> let $hash := request:get-parameter("hash", ())
> let $login := xmldb:authenticate('/db', $userName, $hash)
> return  <ajax-response>
>             <success>{$login}</success>
>         <username>{$userName}</username>
>     </ajax-response>
>
> The problem is that, due to the fact that I receive the password and the username from another service, I receive them in hash form encrypted with md5 (because the can't be passed in clear from a service to another).
> But the xmldb:authenticate function needs the password in clear. How can I resolve this? Any idea? Is there a way to login 'manually' in xquery without using the authenticate function?
>
>
> Luca Cervone
> Web And XML Solutions Designer
>
> CIRSFID - University of Bologna, Via Galliera 3, 40122, Bologna (Italy)
> Office Phone Number:   +39 051 277267
> Home Phone Number:   +39 051 19982894
> Mobile Phone:                 +39 3482627545
> Skype:                              cervoneluca
> Email:                               cervoneluca at gmail.com, luca.cervone at unibo.it
>
>
> 5x1000 AI GIOVANI RICERCATORI
> DELL'UNIVERSITÀ DI BOLOGNA
> Codice Fiscale: 80007010376
> www.unibo.it/Vademecum5permille
>
> Questa informativa è inserita in automatico dal sistema al fine esclusivo della realizzazione dei fini istituzionali dell’ente.
>
> _______________________________________________
> talk at x-query.com
> http://x-query.com/mailman/listinfo/talk



-- 
Adam Retter

skype: adam.retter
tweet: adamretter
http://www.adamretter.org.uk

More information about the talk mailing list