Has anyone come up with a way to allow remote users to change their own passwords in VisualSVN server? We have it running in 'stand-alone' (non-ActiveDirectory) mode and the only down side that I've found to this excellent product is that users can't set or change their passwords.
It's something I can live with, but the security implications of passwords that never change are well known. I'm sure it must be possible to add the functionality, but I'm not the least bit talented in any of the technologies used by VisualSVN - so just wondering if anyone has done it?
UPDATE 2010-12-21
I've decided to have a bash at implementing this 开发者_运维百科myself. First obstacle, with which I'd appreciate some help, is the password encryption. I've found that VisualSVN has a password file, called htpasswd
which has a list of users in the following format:
JoePublic:$apr1$lpq$kF8nZjjuFxgJBExK8ruf20
JoePublic is the username, I presume the colon is a delimiter and the rest is some sort of password hash. The actual password used in this case was ForgetMeNot
.
This doesn't seem to be an MD5 or SHA hash, but I'm not very worldly wise in this area, so it may well be. Given the information above, can anyone deduce the algorithm being used?
If you need that functionality then you'll need to integrate with Active Directory, which is really a good idea anyways so users don't have to manage multiple separate passwords.
You can't reset user's password via web interface however WMI (Windows Management Instrumentation) provider of VisualSVN Server allows you to reset a password. I.e. you can access VisualSVN Server via WMI so you can write a script on various programming languages to manage the server and automate maintenance tasks.
See Windows Management Instrumentation interface reference.
Unfortunately VisualSVN Server WMI provider is not documented however you can look though MOF file which describes available classes, methods and properties. You can also check WMI Administrative Tools, this toolkit is very helpful when you want to explore WMI infrastructure.
The following PowerShell script will set qwerty123
password for a Subversion user username
on a VisualSVN Server instance located on computer.contoso.com
on your network.
$svnuser = Get-WmiObject -Namespace Root\VisualSVN -ComputerName computer.contoso.com -query "select * from VisualSVN_User where name = 'username'"
$svnuser.SetPassword('qwerty123')
Please note that this script is a sample and you may need to adjust the command to work in your environment. E.g. you may need to pass '-credential' parameter to authenticate successfully. Make sure that user account under which you authenticate has administrator privileges or at least is a member of VisualSVN Server Admins local group.
The password used by VisualSVN
is md5
format with htpasswd
. Basically to test, use this:
htpasswd -cm test.htpass JoePublic
and verify the results.
精彩评论