Authentication always fails due to using old, depreciated config option 'password_file'

[asterix@…]

After upgrade to latest version, authentication always fails. I enabled debug log, and I see that in log file:

2011-12-12 23:15:31,131 Trac[htfile] ERROR: acct_mgr: check_password() -- Can't locate password file ""

Here is a part of my trac.ini:

[account-manager]
account_changes_notify_addresses = MY_MAIL
force_passwd_change = true
htpasswd_hash_type = crypt
notify_actions = new,change
password_file = FULL_PATH_TO_passwd
password_store = HtPasswdStore
persistent_sessions = true
refresh_passwd = false

acct_mgr.admin.* = enabled
acct_mgr.api.* = enabled
acct_mgr.notification.* = enabled
acct_mgr.pwhash.htpasswdhashmethod = enabled
acct_mgr.web_ui.RegistrationModule = enabled
acct_mgr.htfile.HtPasswdStore = enabled
acct_mgr.web_ui.LoginModule = enabled
trac.web.auth.LoginModule = disabled

I use trac 0.12.2, debian server, apache2, wsgi, TracAccountManager-0.4dev_r10747

[asterix@…]

I just switch to stable TracAccountManager-0.3.2 and it works

[Steffen Hoffmann]

If you would like to go on, here is how and why: htpasswd_file is the next-gen and password_file is strongly discouraged now (see #4677).

TracIni is your friend and will tell you at least about the new options. And you should read the changelog​, especially for the development version, that has these details too:

 * #4677: Admin based chaining HtDigestStore & HtPasswdStore breaks config
   by adding dedicated options 'htdigest_file' and 'htpasswd_file'

I accept this a documentation bug and will follow-up after fixing the appropriate wiki page. Thanks for reporting.

[Steffen Hoffmann]

• wiki:CookBook/AccountManagerPluginConfiguration
• wiki:AccountManagerPlugin/AuthStores

edited to give better kick-start as well as up-to-date details module information

Further comments?

[anonymous]

thanks, that works now, except I needed to do a small patch in acct_mgr/web_ui.py, line 48: username -> user:

    username = acctmgr.handle_username_casing(
                        req.args.get('user').strip())

Because the HTML form field name in user, not username.

[Steffen Hoffmann]

Replying to anonymous:

thanks, that works now,

Glad to hear that, thanks for the feedback.

except I needed to do a small patch in acct_mgr/web_ui.py, line 48: username -> user ... Because the HTML form field name in user, not username.

Hold on, please. We have register.html and admin_users.html, but both have two fields:

username

internal name directly corresponding to sid in Trac sessions

user

Pre-/Surname (Nickname)

Current code still looks good to me. I think you made at least false assumptions on the meaning. Comments?

[anonymous]

Indeed I see that in the sources. There is maybe something wrong in my sources or configuration. Or maybe it's a problem in TracRecaptchaRegister plugin, but I don't have a username field in my html form (​https://trac.gajim.org/register if you want to see)

[Steffen Hoffmann]

If this is a problem for you, updating your sources should fix it.

Looking at recent change history you must have a copy of one of the 22 revisions starting at the change user -> username in [10288] and right before [10370], where this got fixed specifically for the register.html template. This last revision and anything beyond should be fine.

[anonymous]

I'm already running r10747. But as I said I also use TracRecaptchaRegister plugin, and it's there register form that is used, which doesn't have username field.

[Steffen Hoffmann]

Replying to anonymous:

I'm already running r10747. But as I said I also use TracRecaptchaRegister plugin, and it's there register form that is used, which doesn't have username field.

Ok, now we're getting closer. The remaining issue is a duplicate of #9020 for RecaptchaRegisterPlugin.

Fixing the documentation was urgent. But now we're leaving the scope of this plugin, so we can't do anything more, here. Nevertheless I'm interested in solutions, so you may notice my comments on #9020 proposing ways to resolve that issue.