Modify

Opened 5 years ago

Closed 20 months ago

#4677 closed defect (fixed)

[patch] Admin based chaining HtDigestStore & HtPasswdStore breaks configuration

Reported by: jerry2038 Owned by: hasienda
Priority: normal Component: AccountManagerPlugin
Severity: major Keywords: configuration conflict
Cc: Trac Release: 0.11

Description (last modified by hasienda)

I am running Trac 0.11 on Centos 5.2.

I installed AccountManagerPlugin and configured an HtDigestStore module using the file trac.htdigest. Got everything working. Playing with chaining stores together (eventual goal is HtDigest + LDAP), I enabled the HtPasswdStore and then visited /trac/admin/accounts/config to configure. I set priority of HtDigestStore to 1 and priority of HtPasswdStore to 2 and set the file for HtPasswdStore to trac.htpasswd.

Clicked on save.

Visited the filename field for HtDigestStore and it had changed from trac.htdigest to trac.htpasswd.

Now it maybe that these two modules cannot be chained. For instance, the ini file only specifies ONE password_file, not two.

If the two cannot be changed, somehow that should be indicated to the user.

Attachments (1)

20110625_acct-mgr_fx-4677.patch (1.0 KB) - added by hasienda 3 years ago.
allow password file configuration per file store type

Download all attachments as: .zip

Change History (8)

comment:1 Changed 4 years ago by hasienda

  • Keywords needinfo configuration conflict added
  • Owner changed from pacopablo to hasienda

Q: What is «AMP»?

Anyway, the request looks reasonable enough, to try to resolve it. As I haven't done much research into the concurrent AuthStore setup special case, it'll still take some time, before I get a clue myself. Patch welcome.

comment:2 Changed 4 years ago by hasienda

See #5550, as it could be relevant and maybe even should be implemented together with allowing «mixed» configurations as suggested here.

Changed 3 years ago by hasienda

allow password file configuration per file store type

comment:3 in reply to: ↑ description Changed 3 years ago by hasienda

  • Keywords needinfo removed
  • Severity changed from normal to major
  • Status changed from new to assigned
  • Summary changed from AMP: Admin based chaining HtDigestStore & HtPasswdStore breaks configuration to [patch] Admin based chaining HtDigestStore & HtPasswdStore breaks configuration

Replying to jerry2038:

![...]
Now it maybe that these two modules cannot be chained. For instance, the ini file only specifies ONE password_file, not two.

Right, so the 1st patch (aplies on top of r10371) just does the foreseeable thing: It creates two new configuration options

  • htdigest_password_file
  • htpasswd_password_file

that must be used instead. The old password_file won't show up anymore.

While not a hack, this may still be a preliminary workaround, as I'm not sure about a good design for #5550. Patches welcome.

comment:4 Changed 3 years ago by hasienda

(In [10396]) AccountManagerPlugin: Add separate password files for each AbstractPasswordFileStore implementation, refs #4677.

Creates two new configuration options

  • htdigest_file
  • htpasswd_file

allow setup of HtDigestStore and HtPasswdStore with separate password
files for concurrent use.

Beware: If you used one of these authentication stores before, you'll need to
rename password_file option to the appropriate new option name to avoid
a painful DOS situation on login. Better login before upgrading and make sure
to check the account config admin page after upgrade and before logging out.

comment:5 Changed 3 years ago by hasienda

(In [10496]) AccountManagerPlugin: Denote recent changes in message strings, refs #4677 and #8791.

The generic option password_file is now explicitly depreciated.

comment:6 Changed 22 months ago by hasienda

  • Description modified (diff)

improved report text formatting

comment:7 Changed 20 months ago by hasienda

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [12398]) AccountManagerPlugin: Releasing version 0.4, pushing development to acct_mgr-0.5dev.

Availability of that code as stable release
closes #874, #3459, #4677, #5295, #5691, #6616, #7577, #8076, #8685, #8770, #8791, #8990, #9052, #9079, #9090, #9139, #9246, #9252, #9547, #9618, #9676, #9843, #9852, #9940, #10023, #10028, #10123, #10142, #10204, #10276, #10397, #10412, #10594, #10625 and #10644.

Some more issues have been worked-on, yet without confirmed resolution,
refs #5464 (for JiraToTracIntegration), #8927 and #10134.

And finally there are some issues and enhancement requests showing progress,
but known to require more work to resolve them satisfactorily,
refs #843, #1600, #5964, #8217, #8933.

Thanks to all contributors and followers, that enabled and encouraged a good
portion of this development work.

Add Comment

Modify Ticket

Action
as closed .
as The resolution will be set. Next status will be 'closed'.
to The owner will be changed from hasienda. Next status will be 'closed'.
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.