Changes between Version 36 and Version 37 of WebRpc


Ignore:
Timestamp:
Jan 22, 2009, 7:25:35 AM (15 years ago)
Author:
feet1st
Comment:

Clarify password hash, and point out other ways to obtain authentication string.

Legend:

Unmodified
Added
Removed
Modified

  • WebRpc

    v36 v37  
    362362</font>
    363363}}}
    364  The MD5 hash of the concatenation of the user's password and the lower case form of their EMail address. The user password itself is never send on an RPC call for privacy. [[BR]] [[BR]]
     364 The MD5 hash of the concatenation of the user's password and the lower case form of their EMail address. The user password itself is never sent on an RPC call for privacy. [[BR]] [[BR]]
    365365{{{
    366366#!html
     
    436436</font>
    437437}}}
    438  the MD5 hash of the concatenation of the user's password and the lower case form of the EMail address. One way to obtain the MD5 hash without programming is to use [http://boinc.berkeley.edu/wiki/Boinccmd_tool#Account_query_and_attach boinccmd --lookup_account]  [[BR]] [[BR]]
     438 The MD5 hash of the concatenation of the user's password and the lower case form of the account's EMail address.  [[BR]] [[BR]]
    439439 '''examples'''::
    440440        http://ralph.bakerlab.org/lookup_account.php?email_addr=feet1st@noyaspamhoo.com&passwd_hash=2ab598faf3160ccfa1a2d41a95557a92
     
    448448
    449449 '''action'''::
    450         If an account with the given email address doesn't exist, return an error. If passwd_hash is given and is correct, returns the authenticator. This authentication string is used for other RPC requests.
     450        If passwd_hash is given and is correct, the user's authentication string is returned. This authentication string is required for many of the other RPCs. If no account with the EMail address provided exists, an error is returned.  [[BR]]
     451The authentication string may also be obtained using the [http://boinc.berkeley.edu/wiki/Boinccmd_tool#Account_query_and_attach boinccmd --lookup_account]  tool from an attached BOINC client; or, if the client is attached to the project and not using a weak authentication key, it is also stored in the project's account file, in the <authenticator> tag. This file is located in the BOINC data directory of the BOINC client, and called account_*.xml (where * is replaced by the project URL, with the "!http://" removed and any slashes replaced by underscores; ex: account_boinc.bakerlab.org_rosetta.xml).
    451452
    452453{{{