VisualSVN服务器密码更改
有没有人想出一种方法来允许远程用户在 VisualSVN 服务器中更改自己的密码?我们让它以“独立”(非 ActiveDirectory)模式运行,我发现这个优秀产品的唯一缺点是用户无法设置或更改其密码。
这是我可以忍受的,但永不更改的密码的安全隐患是众所周知的。我确信添加这些功能一定是可能的,但我对 VisualSVN 使用的任何技术都没有一点天赋 - 所以只是想知道是否有人做到了?
更新2010-12-21
我决定亲自实施这个。第一个障碍是密码加密,我希望得到一些帮助。我发现 VisualSVN 有一个名为 htpasswd 的密码文件,其中包含以下格式的用户列表:
乔公共:$apr1$lpq$kF8nZjjuFxgJBExK8ruf20
JoePublic 是用户名,我认为冒号是分隔符,其余的是某种密码哈希。本例中使用的实际密码是ForgetMeNot。
这似乎不是 MD5 或 SHA 哈希值,但我在这方面不是很懂行,所以很可能是。根据上述信息,任何人都可以推断出所使用的算法吗?
Has anyone come up with a way to allow remote users to change their own passwords in VisualSVN server? We have it running in 'stand-alone' (non-ActiveDirectory) mode and the only down side that I've found to this excellent product is that users can't set or change their passwords.
It's something I can live with, but the security implications of passwords that never change are well known. I'm sure it must be possible to add the functionality, but I'm not the least bit talented in any of the technologies used by VisualSVN - so just wondering if anyone has done it?
UPDATE 2010-12-21
I've decided to have a bash at implementing this myself. First obstacle, with which I'd appreciate some help, is the password encryption. I've found that VisualSVN has a password file, called htpasswd which has a list of users in the following format:
JoePublic:$apr1$lpq$kF8nZjjuFxgJBExK8ruf20
JoePublic is the username, I presume the colon is a delimiter and the rest is some sort of password hash. The actual password used in this case was ForgetMeNot.
This doesn't seem to be an MD5 or SHA hash, but I'm not very worldly wise in this area, so it may well be. Given the information above, can anyone deduce the algorithm being used?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
如果您需要该功能,那么您需要与 Active Directory 集成,无论如何,这确实是一个好主意,因此用户不必管理多个单独的密码。
If you need that functionality then you'll need to integrate with Active Directory, which is really a good idea anyways so users don't have to manage multiple separate passwords.
您无法通过 Web 界面重置用户密码,但是 WMI(Windows 管理
VisualSVN Server 的 Instrumentation)提供程序允许您重置密码。即,您可以通过 WMI 访问 VisualSVN Server,以便您可以使用各种编程语言编写脚本来管理服务器并自动执行维护任务。
请参阅Windows Management Instrumentation 界面参考。
不幸的是,VisualSVN Server WMI 提供程序没有记录在案,但您可以查看描述可用类、方法和属性的 MOF 文件。您还可以查看WMI管理工具,这个工具包是当您想要探索 WMI 基础设施时非常有帮助。
以下 PowerShell 脚本将为位于网络上
computer.contoso.com上的 VisualSVN Server 实例上的 Subversion 用户username设置qwerty123密码。请注意,此脚本是一个示例,您可能需要调整该命令才能在您的环境中工作。例如,您可能需要传递“-credential”参数才能成功进行身份验证。确保您进行身份验证的用户帐户具有管理员权限,或者至少是 VisualSVN Server Admins 本地组的成员。
You can't reset user's password via web interface however WMI (Windows Management
Instrumentation) provider of VisualSVN Server allows you to reset a password. I.e. you can access VisualSVN Server via WMI so you can write a script on various programming languages to manage the server and automate maintenance tasks.
See Windows Management Instrumentation interface reference.
Unfortunately VisualSVN Server WMI provider is not documented however you can look though MOF file which describes available classes, methods and properties. You can also check WMI Administrative Tools, this toolkit is very helpful when you want to explore WMI infrastructure.
The following PowerShell script will set
qwerty123password for a Subversion userusernameon a VisualSVN Server instance located oncomputer.contoso.comon your network.Please note that this script is a sample and you may need to adjust the command to work in your environment. E.g. you may need to pass '-credential' parameter to authenticate successfully. Make sure that user account under which you authenticate has administrator privileges or at least is a member of VisualSVN Server Admins local group.
VisualSVN使用的密码是md5格式,带有htpasswd。基本上要测试,请使用此:并验证结果。
The password used by
VisualSVNismd5format withhtpasswd. Basically to test, use this:and verify the results.
从版本 4.3.6 开始,用户可以通过浏览器完成此操作。服务器属性面板。
通过浏览器访问时,该选项显示在页面右上角
As of version 4.3.6, it can be done from the browser by user. The server properties panel.
The option appears on top right corner of the page when accessed through browser