I'd first try sniffing the wire to see what's coming into the server. Michael On Thu, 22 May 2003, ahoward wrote: |> On Thu, 22 May 2003 ingo@xxxxxxxxxxxxxx wrote: |> |> > On Thu, May 22, 2003 at 03:04:40PM +0000, ahoward wrote: |> > > i'm guessing this may have something to do with grabbing chars from the |> > > textbox and echo'ing them with '*' and the non-portable methods used to do |> > > that, but this sounds absolutely crazy even as i'm writing it! |> > |> > Well, that part of the authentication is entirely up to the browser. |> > The server, and therefore mod_auth_pam, only sees the password (in its |> > entirety) once it is sent by the browser. So, to the server it |> > doesn't make a difference wether you type fast or not, it doesn't have |> > anything to do with processing user input. |> |> yeah. i realize that - i'm just wondering if others have seen this (saw a few |> unexplained posts regarding 'perfect username password and still auth |> failure', etc. and wondered if people had tried typing S-L-O-W-L-Y because, |> as dumb as that sounds - it's works on many of our systems... obviously if |> this *is* the source of the problem the password is arriving at the server in |> mangled form. |> |> this whole thing just sounds impossible, but hey.. |> |> i'd like to see if i could confirm that the password arrives mangled but |> apache is hard to strace since there are many processes - which one would get |> the request? do you simply strace them all? any thought on this? |> |> > Unless I'm mistaken, you should report a bug to the browser |> > developers. |> |> if i determine that it *is* a bug - i will. at this point am remain |> unconvinced - but no other explaination has surfaced. |> |> |> -a |> -- |> ==================================== |> | Ara Howard |> | NOAA Forecast Systems Laboratory |> | Information and Technology Services |> | Data Systems Group |> | R/FST 325 Broadway |> | Boulder, CO 80305-3328 |> | Email: ara.t.howard@xxxxxxxxxxxx |> | Phone: 303-497-7238 |> | Fax: 303-497-7259 |> | ~ > ruby -e 'p % ^) .intern' |> ==================================== |> |> |> _______________________________________________ |> |> Pam-list@xxxxxxxxxx |> https://www.redhat.com/mailman/listinfo/pam-list |> -- /* BEGIN SIG * * "Afraid of change, afraid of staying the same, * when temptation calls, we just look away." * - Barenaked Ladies * * "He started writing in mirror writing, 'Help! I'm * trapped behind the world.'" * - New York State Journal of Medicine * *----------------------------- * Michael Chang * miranda@xxxxxxxxxx * http://www.syndetic.org/ */ _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
