Changes between Version 104 and Version 105 of AccountManagerPlugin


Ignore:
Timestamp:
Nov 25, 2010 9:31:13 PM (4 years ago)
Author:
hasienda
Comment:

start to move out more information for better readability

Legend:

Unmodified
Added
Removed
Modified
  • AccountManagerPlugin

    v104 v105  
    185185 
    186186=== !LoginModule === 
    187  '''Package''':: acct_mgr.web_ui 
    188  
    189 '''Warning:''' this module is not supported using the [trac:TracStandalone tracd] stand-alone server on Trac 0.9.  It either needs Trac 0.10 or later, or an external webserver such as Apache. 
    190  
    191187Allows users to login via a HTML form instead of using HTTP authentication. 
    192188 
    193 {{{ 
    194 #!cfg 
    195 [components] 
    196 acct_mgr.web_ui.LoginModule = enabled 
    197 }}} 
    198  
    199 [[Image(login-form.png)]] 
    200  
    201 ==== Disable HTTP authentication ==== 
    202  
    203 To use the AccountManager’s form-based login system instead, add this your trac.ini:  
    204  
    205 {{{ 
    206 #!cfg 
    207 [components] 
    208 trac.web.auth.LoginModule = disabled  
    209 }}} 
    210  
    211 When using the [trac:TracStandalone tracd] server be sure '''not''' to use the `--auth` or `--basic-auth` options.  Using either of these options will cause tracd to popup the username/password dialog box and you will not be able to use the HTML form. 
    212  
    213 If you have previously enabled authentication for Trac on Apache, you will need to disable it or Apache will popup the username/password dialog and you will be unable to use the HTML form.  In order to disable the authentication look for a section in the Apache configuration file like: 
    214  
    215 {{{ 
    216 <Location /trac/login> 
    217    # Some options like AuthType and AuthUserFile 
    218    Require valid-user 
    219 </Location> 
    220 }}} 
    221  
    222 Deleting or commenting the `Require valid-user` line should be sufficient to disable HTTP authentication.  After you’ve tested it you can probably delete or comment out the rest of the authentication options. In some pre-bundled packages as Bitnami Trac you will find it inside an apache configuration extension as trac.conf (BitnamiTrac\trac\conf\trac.conf) 
     189See [wiki:AccountManagerPlugin/Modules#LoginModule details]. 
    223190 
    224191=== !RegistrationModule === 
    225  '''Package''':: acct_mgr.web_ui 
    226  
    227 Enables users to register a new account.  It adds a “Register” link on the same menu bar as the “Login” link. 
    228  
    229 {{{ 
    230 #!cfg 
    231 [components] 
    232 acct_mgr.web_ui.RegistrationModule = enabled 
    233 }}} 
    234  
    235 [[Image(register.png)]] 
    236  
    237 {{{ 
    238 #!div class="important" 
    239 '''Warning:''' You must enable one of the [wiki:AccountManagerPlugin/AuthStores password storage modules] for the Registration Module to work. 
    240 }}} 
    241 '''Note:''' You must not enable `ignore_auth_case` in `trac.ini` as otherwise this module won’t work. 
     192Enables users to register a new account.  It adds a “Register” link on metanav, the same menu bar as the “Login” link. 
     193 
     194See [wiki:AccountManagerPlugin/Modules#RegistrationModule details]. 
     195 
    242196 
    243197=== !EmailVerificationModule === 
    244  '''Package''':: acct_mgr.web_ui 
    245  
    246 If you enable this, users will be sent an email with a verification code to enter, to approve it is really their own email address: 
    247  
    248 {{{ 
    249 #!cfg 
    250 [components] 
    251 acct_mgr.web_ui.EmailVerificationModule = enabled 
    252 }}} 
    253  
    254 Until they entered the verification code on the URL sent with the email, their permissions will be restricted (even if they have the TRAC_ADMIN privilege, they won't be able to access anything exceeding the standard privileges of ''authenticated'' users). ''Update:'' After changeset [9304] ACCTMGR_ADMIN (and TRAC_ADMIN, as it inherits it among all other privileges) won't be bothered with the verification procedure. 
    255  
    256 This '''has been added as a strict requirement now''' as suggested by ticket #5509 to ''trunk'' code with changeset [9277], but was not enforced before, so verification only happened, if an email had been specified on registration. In other words, if some user registered w/o specifying an email address, this was possible and an unrestricted account was created without requiring further actions. 
    257  
    258 Note that if you don't want to enforce entering a valid email on registration, you may want to disable this component. An option 
    259 {{{ 
    260 #!cfg 
    261 [account-manager] 
    262 verify_email = false 
    263 }}} 
    264 for switching this off easily, to restore the old behavior of AccountManagerPlugin by default, is available since changeset [9304] as well. 
     198Adding or changing an email address will trigger an email with a verification code to enter, to approve it is really users own email address, and user account priviledges cut down until successful verification. 
     199 
     200See [wiki:AccountManagerPlugin/Modules#EmailVerificationModule details]. 
    265201 
    266202== Post Setup/Configuration ==