Changes between Version 91 and Version 92 of AccountManagerPlugin


Ignore:
Timestamp:
Oct 9, 2010 11:05:10 PM (4 years ago)
Author:
hasienda
Comment:

AuthStore content moved out to dedicated page, minor editorial changes

Legend:

Unmodified
Added
Removed
Modified
  • AccountManagerPlugin

    v91 v92  
    2424== Bugs/Feature Requests ==  
    2525 
    26 Existing bugs and feature requests for AccountManagerPlugin are  
    27 [query:?status=new&status=assigned&status=reopened&group=&component=AccountManagerPlugin&order=priority here]. 
    28  
    29 If you have any issues, create a  
    30 [http://trac-hacks.org/newticket?component=AccountManagerPlugin&owner=hasienda new ticket]. 
     26Existing bugs and feature requests for !AccountManagerPlugin are available from Trac-Hacks  
     27[query:?status!=closed&group=&component=AccountManagerPlugin&order=priority ticket system]. 
     28 
     29If you have any issues that is not found in [query:?component=AccountManagerPlugin&order=priority existing tickets], create a  
     30[http://trac-hacks.org/newticket?component=AccountManagerPlugin&owner=hasienda new ticket], please. 
    3131 
    3232== Install == 
     
    7979 * [download:accountmanagerplugin/0.9 0.9] 
    8080 * [download:accountmanagerplugin/0.10 0.10] 
    81  * [download:accountmanagerplugin/0.11 0.11] (doesn't currently work with 0.11.4, see #4125) 
     81 * [download:accountmanagerplugin/0.11 0.11] 
    8282 * [download:accountmanagerplugin/trunk trunk] 
    8383 
     
    106106 
    107107This is the core of this plugin.  This component ''must'' be enabled to use any of the other components. 
    108  
    109 === !HtDigestStore === 
    110  '''Package''':: acct_mgr.htfile 
    111  
    112 Used to store passwords in the htdigest file format. 
    113  
    114 {{{ 
    115 #!div class="important" 
    116 '''Warning:''' This password method may not work with [t:TracModPython mod_python] due to a  bug using Python’s md5 module under mod_python (''"it has been reported that mod_python has trouble returning good MD5 strings. It has been speculated that this is because many apache mods are using the same md5 source (php and so forth), but this is not confirmed"'').  If you experience problems try [t:TracFastCgi FastCGI], [t:wiki:TracModWSGI mod_wsgi], or [t:TracStandalone tracd]. 
    117 }}} 
    118  
    119 To use this component to manage your password file you need to enable it as described above and add some additional configuration to [trac:TracIni trac.ini]: 
    120  
    121 {{{ 
    122 [components] 
    123 ; be sure to enable the component 
    124 acct_mgr.htfile.HtDigestStore = enabled 
    125  
    126 [account-manager] 
    127 ; configure the plugin to store passwords in the htdigest format: 
    128 password_store = HtDigestStore 
    129 ; with Trac < 0.10 use this instead: 
    130 password_format = htdigest 
    131  
    132 ; the file where user accounts are stored 
    133 ; the webserver will need write permissions to this file 
    134 ; and its parent folder 
    135 password_file = /var/trac/trac.htdigest 
    136  
    137 ; the name of the authentication “realm” 
    138 ; it can be any text to identify your site or project 
    139 htdigest_realm = TracRealm 
    140 }}} 
    141  
    142 === !HtPasswdStore === 
    143  '''Package''':: acct_mgr.htfile 
    144  
    145 Used to store passwords in the htpasswd file format. 
    146  
    147 {{{ 
    148 #!div class="important" 
    149 '''Warning:''' This password method may not work with [t:TracModPython mod_python] due to a [http://tjulo.blogspot.com/2007/03/problems-with-md5-and-modpython.html bug using Python’s md5 module under mod_python].  If you experience problems try [t:TracFastCgi FastCGI], [t:wiki:TracModWSGI mod_wsgi], or [t:TracStandalone tracd]. 
    150 }}} 
    151  
    152 To use this component to manage your password file you need to enable it as described above and add some additional configuration to [trac:TracIni trac.ini]: 
    153  
    154 {{{ 
    155 [components] 
    156 ; be sure to enable the component 
    157 acct_mgr.htfile.HtPasswdStore = enabled 
    158  
    159 [account-manager] 
    160 ; configure the plugin to store passwords in the htpasswd format: 
    161 password_store = HtPasswdStore 
    162 ; with Trac < 0.10 use this instead: 
    163 password_format = htpasswd 
    164  
    165 ; the file where user accounts are stored 
    166 ; the webserver will need write permissions to this file 
    167 ; and its parent folder 
    168 password_file = /var/trac/trac.htpasswd 
    169 }}} 
    170  
    171 === !HttpAuthStore === 
    172  '''Package''':: acct_mgr.http 
    173  
    174 '''Note:''' This component requires Trac 0.10 or later 
    175  
    176 Used to delegate authentication to the web server.  This allows access to be restricted based on LDAP, a password file, etc, or some combination of them. 
    177  
    178 Note: This password store does not support listing/adding/removing users or changing passwords. 
    179  
    180 {{{ 
    181 [components] 
    182 ; be sure to enable the component 
    183 acct_mgr.http.HttpAuthStore = enabled 
    184  
    185 [account-manager] 
    186 ; configure the plugin to use a page that is secured with http authentication 
    187 authentication_url = http://hostname/path 
    188 password_store = HttpAuthStore 
    189 }}} 
    190  
    191 This will generally be matched with an Apache config like: 
    192 {{{ 
    193 <Directory /var/www/html/path> 
    194    …HTTP authentication configuration… 
    195    Require valid-user 
    196 </Directory> 
    197 }}} 
    198  
    199  
    200 === LDAP === 
    201  Check [http://trac-hacks.org/ticket/1147 LDAPAuthStore] and LdapAuthStorePlugin regarding how to link LdapPlugin to AccountManagerPlugin. 
    202  
    203  #1600 seems related also 
    204  
    205 === !SessionStore === 
    206  '''Package''':: acct_mgr.db 
    207  
    208 Stores password information in the trac database. This may give better behaviour if you have large numbers of users and are finding errors due to write contention on the password file. You must enable one or other of the hash method components. !HtDigestHashMethod is the default. 
    209  
    210 {{{ 
    211 [components] 
    212 ; be sure to enable the component 
    213 acct_mgr.db.SessionStore = enabled 
    214 ; choose one of the hash methods 
    215 acct_mgr.pwhash.htdigesthashmethod = enabled 
    216 acct_mgr.pwhash.htpasswdhashmethod = enabled 
    217 trac.web.auth.loginmodule = disabled #this is important, otherwise login does not work. ref: http://www.gossamer-threads.com/lists/trac/users/41969 
    218  
    219 [account-manager] 
    220 password_store = SessionStore 
    221 ; choose one of the hash methods 
    222 hash_method = HtDigestHashMethod 
    223 hash_method = HtPasswdHashMethod 
    224  
    225 }}} 
    226  
    227 For more information see: 
    228   http://www.mailinglistarchive.com/trac-users@googlegroups.com/msg03696.html 
    229  
    230 For sample configuration settings see  [wiki:SessionStoreSampleSettings sample-settings] 
    231 === !SvnServePasswordStore === 
    232  '''Package''':: acct_mgr.svnserve 
    233  
    234 Allows Trac to use SVN users (may be in addition to Trac users). SVN server configuration option should be "svnserve". For more information, read chapter 6 of [http://svnbook.red-bean.com/ SVN book]. 
    235  
    236 {{{ 
    237 [components] 
    238 ; be sure to enable the component 
    239 acct_mgr.svnserve.* = enabled 
    240 acct_mgr.svnserve.svnservepasswordstore = enabled 
    241 ; choose one of the hash methods 
    242 acct_mgr.pwhash.htdigesthashmethod = enabled 
    243 acct_mgr.pwhash.htpasswdhashmethod = enabled 
    244  
    245 [account-manager] 
    246 password_store = SvnServePasswordStore 
    247 password_file = /path/to/svn/repos/conf/passwd 
    248 ; choose one of the hash methods 
    249 hash_method = HtDigestHashMethod 
    250 hash_method = HtPasswdHashMethod 
    251 }}} 
    252  
    253 NB : `password_file` points to a file which defines users/passwords this way : `user = password` 
    254108 
    255109=== !AccountManagerAdminPage ===