id,summary,reporter,owner,description,type,status,priority,component,severity,resolution,keywords,cc,release
10827,Obscure authentication scheme,techtonik,hasienda,This is a reply to comment:21:ticket:8545:\r\n\r\nThe #10826 is a proof that while implemented solution in #8545 might fix some problems it is still a hack.\r\n\r\nA good fix will require documenting authentication process properly_ covering two user stories.\r\n1. How does Trac detects authenticated users internally?\r\n2. How different components authenticate users at the same time?\r\n\r\nThe next step is decouple REMOTE_USER (external auth) from Trac Auth plugins (internal auth) and provide internal auth API that will solve the following problems:\r\n\r\n1. check if user is already authenticated\r\n2. authenticate user\r\n3. audit authentication process\r\n4. skip authentication if 1. is true\r\n,defect,new,normal,AccountManagerPlugin,normal,,authentication API,rjollos,0.11