| 193 | | {{{ |
| 194 | | #!cfg |
| 195 | | [components] |
| 196 | | acct_mgr.web_ui.LoginModule = enabled |
| 197 | | }}} |
| 198 | | |
| 199 | | [[Image(login-form.png)]] |
| 200 | | |
| 201 | | ==== Disable HTTP authentication ==== |
| 202 | | |
| 203 | | To use the AccountManager’s form-based login system instead, add this your trac.ini: |
| 204 | | |
| 205 | | {{{ |
| 206 | | #!cfg |
| 207 | | [components] |
| 208 | | trac.web.auth.LoginModule = disabled |
| 209 | | }}} |
| 210 | | |
| 211 | | When using the [trac:TracStandalone tracd] server be sure '''not''' to use the `--auth` or `--basic-auth` options. Using either of these options will cause tracd to popup the username/password dialog box and you will not be able to use the HTML form. |
| 212 | | |
| 213 | | If you have previously enabled authentication for Trac on Apache, you will need to disable it or Apache will popup the username/password dialog and you will be unable to use the HTML form. In order to disable the authentication look for a section in the Apache configuration file like: |
| 214 | | |
| 215 | | {{{ |
| 216 | | <Location /trac/login> |
| 217 | | # Some options like AuthType and AuthUserFile |
| 218 | | Require valid-user |
| 219 | | </Location> |
| 220 | | }}} |
| 221 | | |
| 222 | | Deleting or commenting the `Require valid-user` line should be sufficient to disable HTTP authentication. After you’ve tested it you can probably delete or comment out the rest of the authentication options. In some pre-bundled packages as Bitnami Trac you will find it inside an apache configuration extension as trac.conf (BitnamiTrac\trac\conf\trac.conf) |
| | 189 | See [wiki:AccountManagerPlugin/Modules#LoginModule details]. |
| 225 | | '''Package''':: acct_mgr.web_ui |
| 226 | | |
| 227 | | Enables users to register a new account. It adds a “Register” link on the same menu bar as the “Login” link. |
| 228 | | |
| 229 | | {{{ |
| 230 | | #!cfg |
| 231 | | [components] |
| 232 | | acct_mgr.web_ui.RegistrationModule = enabled |
| 233 | | }}} |
| 234 | | |
| 235 | | [[Image(register.png)]] |
| 236 | | |
| 237 | | {{{ |
| 238 | | #!div class="important" |
| 239 | | '''Warning:''' You must enable one of the [wiki:AccountManagerPlugin/AuthStores password storage modules] for the Registration Module to work. |
| 240 | | }}} |
| 241 | | '''Note:''' You must not enable `ignore_auth_case` in `trac.ini` as otherwise this module won’t work. |
| | 192 | Enables users to register a new account. It adds a “Register” link on metanav, the same menu bar as the “Login” link. |
| | 193 | |
| | 194 | See [wiki:AccountManagerPlugin/Modules#RegistrationModule details]. |
| | 195 | |
| 244 | | '''Package''':: acct_mgr.web_ui |
| 245 | | |
| 246 | | If you enable this, users will be sent an email with a verification code to enter, to approve it is really their own email address: |
| 247 | | |
| 248 | | {{{ |
| 249 | | #!cfg |
| 250 | | [components] |
| 251 | | acct_mgr.web_ui.EmailVerificationModule = enabled |
| 252 | | }}} |
| 253 | | |
| 254 | | Until they entered the verification code on the URL sent with the email, their permissions will be restricted (even if they have the TRAC_ADMIN privilege, they won't be able to access anything exceeding the standard privileges of ''authenticated'' users). ''Update:'' After changeset [9304] ACCTMGR_ADMIN (and TRAC_ADMIN, as it inherits it among all other privileges) won't be bothered with the verification procedure. |
| 255 | | |
| 256 | | This '''has been added as a strict requirement now''' as suggested by ticket #5509 to ''trunk'' code with changeset [9277], but was not enforced before, so verification only happened, if an email had been specified on registration. In other words, if some user registered w/o specifying an email address, this was possible and an unrestricted account was created without requiring further actions. |
| 257 | | |
| 258 | | Note that if you don't want to enforce entering a valid email on registration, you may want to disable this component. An option |
| 259 | | {{{ |
| 260 | | #!cfg |
| 261 | | [account-manager] |
| 262 | | verify_email = false |
| 263 | | }}} |
| 264 | | for switching this off easily, to restore the old behavior of AccountManagerPlugin by default, is available since changeset [9304] as well. |
| | 198 | Adding or changing an email address will trigger an email with a verification code to enter, to approve it is really users own email address, and user account priviledges cut down until successful verification. |
| | 199 | |
| | 200 | See [wiki:AccountManagerPlugin/Modules#EmailVerificationModule details]. |
