Wiki Navigation

OpenID Authentication Plugin

Description

This plugins allows to login to Trac using OpenID. Please, note that this plugin works with Trac 0.11 version only.

There is already similar plugin (OpenidPlugin) but it is abandoned, old and has list of problems that my version fix:

Should work with Mysql, PostgreSql? and SQLite

Uses genshi for templating

Bugs/Feature Requests

Existing bugs and feature requests are here. If you have any issues, create a new ticket.

Download & Source

You will need to install python_openid-2.1.1

You can check out from:

http://hg.sandbox.lt/authopenid-plugin/ using Mercurial.

You can download most recent version from http://blog.sandbox.lt/file/get/32?name=authopenid-plugin-dist.tar.gz if you don't want to use Mercurial version. However I don't know yet what is better way to distribute not-development version. If you have any ideas just write mail me to dalius at sandbox.lt

Example

[components]
trac.web.auth.* = disabled
authopenid.* = enabled

Options

This plugin has number of configuration options. Examples are best way to illustrate them:

[trac]
# Check user IP address. IP addresses are masked because
# in some cases user is behind internal proxy and last
# number in IP address might vary.
check_auth_ip = true
check_auth_ip_mask = 255.255.255.0 
# number of seconds until cookie will expire
expires = 86400

[openid]
# In some cases company might have internal OpenID server that automatically
# identifies user (e.g. windows SSPI). Also known as single sign-on.
default_openid = http://openid.ee
# Require sreg data
sreg_required = false 
# Default PAPE method to request from OpenID provider.
# pape_method = 
# What is OpenID link.
whatis = http://openid.net/what/
# In some cases you might want allow users to login to different projects using
# different OpenIDs. In that case don't use absolute trust root.
absolute_trust_root = false

# Remove http:// or https:// from URL that is used as username. (Default: false)
strip_protocol = false

# Remove trailing slash from URL that is user as username (Defaul: false)
strip_trailing_slash = false

# Expiration time acts as timeout. E.g. if expiration time is 24 hour and
# you login again in those 24 times. Expiration time is extended for another
# 24 hours. (Default: false)
timeout = false

Recent Changes

[2855] by dalius on 12/07/07 00:18:58

Ticket #2276 fixed.

[2847] by dalius on 12/03/07 23:41:53

logout patch from gsf

[2846] by dalius on 12/03/07 01:55:11

sqlite patch from martin@paljak.pri.ee

[2834] by dalius on 11/28/07 06:14:29

Added possibility to specify IP address mask for IP check. Similar issue exists in original Trac authentication methods: http://trac.edgewall.org/ticket/3211

Author/Contributors

Author: dalius
Contributors:

Download in other formats:

Plain Text