Opened 15 years ago
Last modified 11 years ago
#4677 closed defect
[patch] Admin based chaining HtDigestStore & HtPasswdStore breaks configuration — at Version 6
Reported by: | jerry2038 | Owned by: | Steffen Hoffmann |
---|---|---|---|
Priority: | normal | Component: | AccountManagerPlugin |
Severity: | major | Keywords: | configuration conflict |
Cc: | Trac Release: | 0.11 |
Description (last modified by )
I am running Trac 0.11 on Centos 5.2.
I installed AccountManagerPlugin and configured an HtDigestStore module using the file trac.htdigest
. Got everything working. Playing with chaining stores together (eventual goal is HtDigest + LDAP), I enabled the HtPasswdStore and then visited /trac/admin/accounts/config to configure. I set priority of HtDigestStore to 1 and priority of HtPasswdStore to 2 and set the file for HtPasswdStore to trac.htpasswd
.
Clicked on save.
Visited the filename field for HtDigestStore and it had changed from trac.htdigest
to trac.htpasswd
.
Now it maybe that these two modules cannot be chained. For instance, the ini file only specifies ONE password_file, not two.
If the two cannot be changed, somehow that should be indicated to the user.
Change History (7)
comment:1 Changed 14 years ago by
Keywords: | needinfo configuration conflict added |
---|---|
Owner: | changed from John Hampton to Steffen Hoffmann |
comment:2 Changed 14 years ago by
See #5550, as it could be relevant and maybe even should be implemented together with allowing «mixed» configurations as suggested here.
Changed 13 years ago by
Attachment: | 20110625_acct-mgr_fx-4677.patch added |
---|
allow password file configuration per file store type
comment:3 Changed 13 years ago by
Keywords: | needinfo removed |
---|---|
Severity: | normal → major |
Status: | new → assigned |
Summary: | AMP: Admin based chaining HtDigestStore & HtPasswdStore breaks configuration → [patch] Admin based chaining HtDigestStore & HtPasswdStore breaks configuration |
Replying to jerry2038:
![...] Now it maybe that these two modules cannot be chained. For instance, the ini file only specifies ONE password_file, not two.
Right, so the 1st patch (aplies on top of r10371) just does the foreseeable thing: It creates two new configuration options
- htdigest_password_file
- htpasswd_password_file
that must be used instead. The old password_file
won't show up anymore.
While not a hack, this may still be a preliminary workaround, as I'm not sure about a good design for #5550. Patches welcome.
comment:4 Changed 13 years ago by
(In [10396]) AccountManagerPlugin: Add separate password files for each AbstractPasswordFileStore
implementation, refs #4677.
Creates two new configuration options
- htdigest_file
- htpasswd_file
allow setup of HtDigestStore
and HtPasswdStore
with separate password
files for concurrent use.
Beware: If you used one of these authentication stores before, you'll need to
rename password_file
option to the appropriate new option name to avoid
a painful DOS situation on login. Better login before upgrading and make sure
to check the account config admin page after upgrade and before logging out.
comment:5 Changed 13 years ago by
(In [10496]) AccountManagerPlugin: Denote recent changes in message strings, refs #4677 and #8791.
The generic option password_file
is now explicitly depreciated.
Q: What is «AMP»?
Anyway, the request looks reasonable enough, to try to resolve it. As I haven't done much research into the concurrent AuthStore setup special case, it'll still take some time, before I get a clue myself. Patch welcome.