LoginModule

Package

acct_mgr.web_ui

Allows users to login via a HTML form instead of using HTTP authentication.

Configuration

To use the AccountManager’s HTML form, you need to explicitly disable Trac's own HTTP authentication module. To do so add this your trac.ini or find and modify existing lines accordingly:

[components]
acct_mgr.web_ui.LoginModule = enabled

trac.web.auth.LoginModule = disabled

When using the ​tracd server be sure not to use the --auth or --basic-auth options. Using either of these options will cause tracd to popup the username/password dialog box and you will not be able to use AccountManagerPlugin's HTML form.

If you have previously enabled authentication for Trac on Apache, you will need to disable it or Apache will popup the username/password dialog and you will be unable to use the HTML form. In order to disable the authentication look for a section in the Apache configuration file like:

<Location /trac/login>
   # Some options like AuthType and AuthUserFile
   Require valid-user
</Location>

Deleting or commenting the Require valid-user line should be sufficient to disable HTTP authentication. After you’ve tested it, you can probably delete or comment out the rest of the authentication options. In some pre-bundled packages as Bitnami Trac you will find it inside an apache configuration extension as trac.conf (BitnamiTrac\trac\conf\trac.conf)

Compatibility

requires Trac >= 0.10

To use this module with ​tracd stand-alone server you'll need Trac 0.10 or later version, or an external webserver such as Apache.

---

RegistrationModule

Package

acct_mgr.web_ui

Enables users to register a new account. It adds a “Register” link on the same menu bar as the “Login” link.

Configuration

[components]
acct_mgr.web_ui.RegistrationModule = enabled

Warning: You must enable one of the password storage modules for the Registration Module to work.

Note: You must not enable ignore_auth_case in trac.ini as otherwise this module won’t work. [Update: This doesn't apply to trunk branch anymore. Use a revision at changeset [9286] or later to lift this limitation.]

---

EmailVerificationModule

Package

acct_mgr.web_ui

If you enable this, users will be sent an email with a verification code to enter, to approve it is really their own email address:

Configuration

[components]
acct_mgr.web_ui.EmailVerificationModule = enabled

Until they entered the verification code on the URL sent with the email, their permissions will be restricted (even if they have the TRAC_ADMIN privilege, they won't be able to access anything exceeding the standard privileges of authenticated users). Update: After changeset [9304] ACCTMGR_ADMIN (and TRAC_ADMIN, as it inherits it among all other privileges) won't be bothered with the verification procedure.

This has been added as a strict requirement now as suggested by ticket #5509 to trunk code with changeset [9277], but was not enforced before, so verification only happened, if an email had been specified on registration. In other words, if some user registered w/o specifying an email address, this was possible and an unrestricted account was created without requiring further actions.

Note that if you don't want to enforce entering a valid email on registration, you may want to disable this component. An option

[account-manager]
verify_email = false

for switching this off easily, to restore the old behavior of AccountManagerPlugin by default, is available since changeset [9304] as well.