Version 98 (modified by 14 years ago) (diff) | ,
---|
Contents
ToDo
News
- 09-Oct-2010
- Growing number of long-standing issues resolved, prepare for a maintenance release based on current trunk (open: 61)
- 28-Sep-2010
- Maintainership handed over from pacopablo to hasienda
- 26-Sep-2010
- Starting ticket list cleanup and triaging (open: 96)
Account Manager Plugin
Description
The AccountManagerPlugin offers several features for managing user accounts:
- allow users to register new accounts
- login via an HTML form instead of using HTTP authentication
- allow existing users to change their passwords or delete their accounts
These features are new in the plugin for Trac 0.10.
- send a new password to users who’ve forgotten their password
- administration of user accounts
Bugs/Feature Requests
Existing bugs and feature requests for AccountManagerPlugin are available from Trac-Hacks ticket system.
If you have any issues that is not found in existing tickets, create a new ticket, please.
You do wonder, if you could contribute here? Great! There are some recommendations, where to start.
Install
First make sure you’ve installed setuptools. Make sure you have a version >= 0.6c9, since previous versions contain a bug which makes the installation fail.
xccx
Then you can install the plugin using the easy_install
application.
Note: Windows users will need to add easy_install to their PATH.
For Trac 0.9:
easy_install http://trac-hacks.org/svn/accountmanagerplugin/0.9
For Trac 0.10:
Install the trac:WebAdmin plugin.
Then install this plugin:
easy_install http://trac-hacks.org/svn/accountmanagerplugin/0.10
For Trac 0.11
easy_install http://trac-hacks.org/svn/accountmanagerplugin/0.11
For Trac 0.12:
easy_install https://trac-hacks.org/svn/accountmanagerplugin/trunk
If you are using the tracd standalone server or Apache 2.2.x you will need to restart it to detect the plugin.
Source
Subversion Checkout (depends on your Trac version):
svn co http://trac-hacks.org/svn/accountmanagerplugin/0.9 svn co http://trac-hacks.org/svn/accountmanagerplugin/0.10 svn co http://trac-hacks.org/svn/accountmanagerplugin/0.11 svn co http://trac-hacks.org/svn/accountmanagerplugin/trunk
Downloads:
- [download:accountmanagerplugin/0.9 0.9]
- [download:accountmanagerplugin/0.10 0.10]
- [download:accountmanagerplugin/0.11 0.11]
- [download:accountmanagerplugin/trunk trunk]
Components
In order to use the features of the AccountManager you will need to enable some or all of its components.
The easiest way to enable the components is via the trac:WebAdmin plugin. Users logged in with the TRAC_ADMIN permission will be able to manage the enabled components:
Components can also be enabled or disabled in the trac.ini file under the [components]
section. For example to enable the login form and disable user registration:
[components] trac.web.auth.LoginModule = disabled acct_mgr.web_ui.LoginModule = enabled acct_mgr.web_ui.RegistrationModule = disabled
Hint: Option names are written in CamelCase style notation, but will get (re-)written all-lowercase, if added/updated via the Trac admin web-UI. Anyway, case doesn't really matter here.
The available components are described below.
AccountManager
- Package
- acct_mgr.api
This is the core of this plugin. This component must be enabled to use any of the other components.
Additionally one or more sources for storing authentication information are required:
- PasswordFileStores
- HttpAuthStore
- SessionStore
- SvnServePasswordStore
There's even some information on how to get not-yet-implemented LDAP authentication.
AccountManagerAdminPage
- Package
- acct_mgr.admin
Note: This component requires Trac 0.10 or later
This component adds a new page to the trac:WebAdmin section for managing user accounts. It requires the TRAC_ADMIN
permission to access.
[components] acct_mgr.admin.AccountManagerAdminPage = enabled
AccountModule
- Package
- acct_mgr.web_ui
Allows users to change their password, or delete their account. When logged in it will appear as a tab “Account” after clicking the “Preferences” link.
[components] acct_mgr.web_ui.AccountModule = enabled
New for Trac 0.10: When used in combination with the LoginModule it adds a link to the login page “Forgot your password?” where users can reset their password if they’ve forgotten it. You will need to have your SMTP server information configured in your trac.ini
for the “Forgot your password?” link to show up and enable AccountChangeListener.
[components] acct_mgr.notification.accountchangelistener = enabled
New for Trac 0.11: When a user resets their password they will be required to change their password on the next successful login. This can be disabled via the trac.ini
by setting force_passwd_change = false
.
LoginModule
- Package
- acct_mgr.web_ui
Warning: this module is not supported using the tracd stand-alone server on Trac 0.9. It either needs Trac 0.10 or later, or an external webserver such as Apache.
Allows users to login via a HTML form instead of using HTTP authentication.
[components] acct_mgr.web_ui.LoginModule = enabled
Disable HTTP authentication
To use the AccountManager’s form-based login system instead, add this to the
[components]
section of your trac.ini:
trac.web.auth.LoginModule = disabled
When using the tracd server be sure not to use the --auth
or --basic-auth
options. Using either of these options will cause tracd to popup the username/password dialog box and you will not be able to use the HTML form.
If you have previously enabled authentication for Trac on Apache, you will need to disable it or Apache will popup the username/password dialog and you will be unable to use the HTML form. In order to disable the authentication look for a section in the Apache configuration file like:
<Location /trac/login> # Some options like AuthType and AuthUserFile Require valid-user </Location>
Deleting or commenting the Require valid-user
line should be sufficient to disable HTTP authentication. After you’ve tested it you can probably delete or comment out the rest of the authentication options. In some pre-bundled packages as Bitnami Trac you will find it inside an apache configuration extension as trac.conf (BitnamiTrac\trac\conf\trac.conf)
RegistrationModule
- Package
- acct_mgr.web_ui
Enables users to register a new account. It adds a “Register” link on the same menu bar as the “Login” link.
[components] acct_mgr.web_ui.RegistrationModule = enabled
Warning: You must enable one of the password storage modules for the Registration Module to work.
Note: You must not enable ignore_auth_case
in trac.ini
as otherwise this module won’t work.
EmailVerificationModule
- Package
- acct_mgr.web_ui
If you enable this, users will be sent an email with a verification code to enter, to approve it is really their own email address:
[components] acct_mgr.web_ui.EmailVerificationModule = enabled
Until they entered the verification code on the URL sent with the email, their permissions will be restricted (even if they have the TRAC_ADMIN privilege, they won't be able to access anything exceeding the standard privileges of authenticated users). Update: After changeset [9304] ACCTMGR_ADMIN (and TRAC_ADMIN, as it inherits it among all other privileges) won't be bothered with the verification procedure.
This has been added as a strict requirement now as suggested by ticket #5509 to trunk code with changeset [9277], but was not enforced before, so verification only happened, if an email had been specified on registration. In other words, if some user registered w/o specifying an email address, this was possible and an unrestricted account was created without requiring further actions.
Note that if you don't want to enforce entering a valid email on registration, you may want to disable this component. An option
[account-manager] verify_email = false
for switching this off easily, to restore the old behavior of AccountManagerPlugin by default, is available since changeset [9304] as well.
Post Setup/Configuration
In order to use the Account Manager plugin, while logged in as a user with TRAC_ADMIN rights, use the new “Admin” link on the menubar.
Once in, you might want to enable the permissions to allow the “authenticated” user group permissions. For instance, if you remove the anonymous group from TICKET_MODIFY, and WIKI_MODIFY, and add the “authenticated” group instead, only authenticated, logged-in (registered) users can perform ticket modifications and wiki editing.
Recent Changes
Author/Contributors
Author: mgood
Maintainer: hasienda
Contributors: coderanger, crocea, manski, mrelbe, otaku42, pacopablo, s0undt3ch
Attachments (9)
-
components-admin.png (82.0 KB) - added by 18 years ago.
screenshot of components web admin
-
account-manager-admin.png (39.1 KB) - added by 18 years ago.
screenshot of account administration
-
login-form.png (4.4 KB) - added by 18 years ago.
screenshot of login form
-
register.png (5.6 KB) - added by 18 years ago.
screenshot of registration page
- my-account.png (7.5 KB) - added by 18 years ago.
- reset-password.png (8.2 KB) - added by 18 years ago.
-
account-manager-admin_v0.4.png (75.3 KB) - added by 13 years ago.
screenshot of account administration - v 0.4
-
transifex_acct_mgr-messages_v0.3.png (15.8 KB) - added by 13 years ago.
coverage of translations per language for v0.3
-
components-admin_acct_mgr-0.4.png (175.3 KB) - added by 11 years ago.
screenshot of components admin page - v0.4
Download all attachments as: .zip