Modify

Opened 5 years ago

Closed 2 years ago

#6508 closed defect (fixed)

UserExtensiblePermissionStore error

Reported by: anonymous Owned by: pacopablo
Priority: highest Component: DirectoryAuthPlugin
Severity: critical Keywords:
Cc: zhijiex@… Trac Release: 0.11

Description

I installed AccountManagerPlugin, LdapPlugin at trac 0.11.6. I can successfully to login Trac by AD's user and Passwd. But user store has no user info. So I installed ActiveDirectoryAuthPlugin and got a error:
AttributeError: Cannot find an implementation of the "IPermissionStore" interface named "UserExtensiblePermissionStore". Please update the option trac.permission_store in trac.ini.

If I remove UserExtensiblePermissionStore from trac.ini there is no such mistake. But i can not find ActiveDirectoryAuthPlugin info from trac plugins. What should I fill in [components]

of trac.ini?

Attachments (0)

Change History (3)

comment:1 Changed 4 years ago by dr4Ke

I have the same error.

I'm digging into this plugin code to be able to use the UserExtensiblePermissionStore.

Since your post is 9 months old, I'm not sure if you still care about. Anyway, I managed to make it work without UserExtensiblePermissionStore (and then, without admin_group.)

Here is the content of my trac.ini :

# -*- coding: utf-8 -*-

[account-manager]
# Active Directory connection informations
ad_server = xxxxxxxxxxxxxxxx:3268
base_dn = DC=xxxx,DC=xxxx,DC=xxxx
bind_dn = xxxxxxxxxxxxxxxxxx@xxxx.xxxx.xxxx
bind_passwd = xxxxxxxxxxxxxxxxxxxxx
# Enable use of the AD plugin into account manager
password_store = ADAuthStore
# Group containing all authorized users
auth_group = CN=xxxxx,OU=xxxx,DC=xxxx,DC=xxxx,DC=xxxx


[components]
# disable HTTP authentication
trac.web.auth.loginmodule = disabled
# enable accountmanager
acct_mgr.api.accountmanager = enabled
acct_mgr.web_ui.loginmodule = enabled
# enable ActiveDirectoryAuthPlugin
tracext.adauth.auth.adauthstore = enabled

[ticket]
# liste déroulante d'utilisateurs pour l'affectation de tickets
restrict_owner = true

comment:2 Changed 4 years ago by pacopablo

  • Status changed from new to assigned

OK, not entirely sure that I follow the discussion here.

To use the UserExtensiblePermissionStore, you simple enable adauth:

[components]
tracext.adauth.* = enabled

and then you set the permission_store to UserExtensiblePermissionStore:

[trac]
permission_store = UserExtensiblePermissionStore

you will also want to specify an AD group that you want to have admin access:

[account-manager]
admin_group = cn=TracAdmins,ou=Groups,dc=Example,dc=org

This the answer you're looking for?

comment:3 Changed 2 years ago by sandinak

  • Resolution set to fixed
  • Status changed from assigned to closed

assume resolved .. no feedback.

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.