OJS OCS OMP OHS

You are viewing the PKP Support Forum | PKP Home Wiki



[SOLVED] Importing old system passwords to OJS2.X

Are you responsible for making OJS work -- installing, upgrading, migrating or troubleshooting? Do you think you've found a bug? Post in this forum.

Moderators: jmacgreg, btbell, michael, bdgregg, barbarah, asmecher

Forum rules
What to do if you have a technical problem with OJS:

1. Search the forum. You can do this from the Advanced Search Page or from our Google Custom Search, which will search the entire PKP site. If you are encountering an error, we especially recommend searching the forum for said error.

2. Check the FAQ to see if your question or error has already been resolved.

3. Post a question, but please, only after trying the above two solutions. If it's a workflow or usability question you should probably post to the OJS Editorial Support and Discussion subforum; if you have a development question, try the OJS Development subforum.

[SOLVED] Importing old system passwords to OJS2.X

Postby mbria » Wed Sep 06, 2006 11:10 am

Hi all,

Finishing my old magazine importation, now it's user's accounts time. :-)

I know about the user importation/exportation plugin and I found the dtd so this is not the issue... my concern is related with importing user without asking them to set their passwords again.

The old system don't encode the password in it's database so I can read them without problems, but although my config indicates sha1 to OJS, a simple sha1($oldpass); don't encrypt it as in ojs.

I noticed in this post, you use a salt: viewtopic.php?t=513&highlight=sha1

But I didn't find this salt in the table it's supossed to be...

Any suggestion? Is this possible or I'm asking too much?

Best regards and thanks you all for your unvaluable help,

Marc.
Last edited by mbria on Thu Sep 07, 2006 3:40 pm, edited 4 times in total.
mbria
 
Posts: 299
Joined: Wed Dec 14, 2005 4:15 am

Postby asmecher » Wed Sep 06, 2006 1:31 pm

Hi Marc,

When you hash the password, you can't use sha1('oldpassword') -- you need to include the username too. For example, for a user with username "myUsername" and password "myPassword", you should set the password to sha1('myUsernamemyPassword').

Regards,
Alec Smecher
Open Journal Systems Team
asmecher
 
Posts: 8676
Joined: Wed Aug 10, 2005 12:56 pm

solved

Postby mbria » Thu Sep 07, 2006 2:34 am

Perfect.

It's exactly as you said.

Thanks again, and again, and again... :-)

Marc.
mbria
 
Posts: 299
Joined: Wed Dec 14, 2005 4:15 am

Encrypted password is not correctly imported.

Postby mbria » Thu Sep 07, 2006 3:13 pm

Dear asmecher et. al,

With your commentaries I was able to generate a sha1 password as it need to be included in the database (I compare an existing user/pass in OJS and my generated one and they are excactly the same), but I suspect that the user importation's plugin don't really import the password if this is crypted.

Does it need to be "clean" to let the importer do sha1 work or the only way to include old passwords is overwriting it field directly at the database?

Thanks again for your help,

m.
mbria
 
Posts: 299
Joined: Wed Dec 14, 2005 4:15 am

Postby asmecher » Thu Sep 07, 2006 3:28 pm

Hi Marc,

There's a known issue in OJS 2.1.1 with SHA1 hashing in the user import plugin; it's been corrected in CVS. You should be able to back-port the fix to your installation by downloading the most recent versions of the following files:Regards,
Alec Smecher
Open Journal Systems Team
asmecher
 
Posts: 8676
Joined: Wed Aug 10, 2005 12:56 pm

great !!

Postby mbria » Thu Sep 07, 2006 3:39 pm

Don't you sleep? :-)

Thanks a lot for everything. I can't imagine porting my magazine to OJS without your help.

Best regards,

m.
mbria
 
Posts: 299
Joined: Wed Dec 14, 2005 4:15 am


Return to OJS Technical Support

Who is online

Users browsing this forum: HexarDan and 5 guests