Changes between Version 1 and Version 2 of InfoCardAccountPlugin


Ignore:
Timestamp:
Nov 2, 2007, 9:12:16 PM (7 years ago)
Author:
dbuss
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • InfoCardAccountPlugin

    v1 v2  
    88
    99=== License ===
    10 The extension is distributed to you under the [http://www.gnu.org/licenses/lgpl.html lgpl], please note that it includes works copyrighted by others and release under permissive licenses such as [http://en.wikipedia.org/wiki/BSD_licenses BSD], [http://en.wikipedia.org/wiki/Beerware Beerware] and the [http://trac.edgewall.com/license.html Trac license].
     10The extension is distributed to you under the [http://www.gnu.org/licenses/lgpl.html lgpl], please note that it includes works copyrighted by others and released under permissive licenses such as [http://en.wikipedia.org/wiki/BSD_licenses BSD], [http://en.wikipedia.org/wiki/Beerware Beerware] and the [http://trac.edgewall.com/license.html Trac license].
    1111
    1212== Requirements ==
    1313
    1414This plugin works with Trac 0.11.[[BR]]
     15
     16Some form of Python xml with dom and xpath support, tested with [http://pyxml.sourceforge.net/ pyxml]
     17
     18[http://chandlerproject.org/Projects/MeTooCrypto m2crypto] as an python wrapper to [http://www.openssl.org/ openssl] which must also be installed.  m2crypto also requires [http://www.swig.org/Doc1.3/Python.html SWIG]
     19
     20Systems running python older than 2.5 require [http://code.krypto.org/python/hashlib/ hashlib]
    1521
    1622If you use the LDAP user store module then the [http://python-ldap.sourceforge.net/ Python LDAP] module is required.
     
    2430
    2531== Installation ==
    26 
    27  * Build the ''egg'' file following the plugin packaging [http://projects.edgewall.com/trac/wiki/TracDev/PluginDevelopment#Packaginganddeployingplugins instructions]
    28  * Copy the `dist/LdapPlugin-0.x.x-py2.n.egg` file in your ''plugins'' project directory. The name as found on your system will have the current version number for the plugin and python in the name, replacing the x.x and py2.x components.
    29  * [[#Configuration Configure]] the plugin
    30  * Use [[#trac-admin-acct trac-admin-acct]] to
     32{{{
     33   easy_install https://forgesvn1.novell.com/svn/bandit/trunk/rp/trac/infocard_acct/0.11
     34}}}
     35 * Configure the plugin (see Configuration below)
     36 * Use trac-admin-acct to initialize the association store and optionally the user store.
    3137
    3238== Configuration ==
    3339
    34 You need to customize the `trac.ini` file of your project, then[[BR]]
     40You need to customize the `trac.ini` file of your project, following the instructions below[[BR]]
    3541 1. Optionally add the path to your plugin directory.
    36  1. Enable 'account-manager' and `infocard_acct` in `[components]` section, so that the Trac engine loads and uses this extension.
     42 1. Enable `account-manager` and `infocard_acct` in `[components]` section, so that the Trac engine loads and uses this extension.
    3743 1. Configure account-manager.
    38  1. Create a new section [infocard_acct] in the .ini file
     44 1. Create a new section `[infocard_acct]` in the .ini file
    3945
    40 To properly enable plugin you must disable trac and account manager's LoginModules, and enable account manager and infocard account componenets.   In the `[components]` section of trac.ini:
     46==== Enable components ====
     47To properly enable plugin you must disable trac and account manager's LoginModules, and enable AccountManagerPlugin and InfoCardAccountPlugin components   In the `[components]` section of trac.ini:
    4148
    4249{{{
     
    5259{{{
    5360[account-manager]
    54 password_store = LDAPUserStore
     61#any password store supported by acct-mgr including TracDBUserStore and LDAPUserStore
     62password_store = LDAPUserStore   
    5563}}}
    5664
    57 If you use the LDAPUserStore then the following options are supported in the '[ldap_user_store'] section:
     65If you use the LDAPUserStore then the following options are supported in the `[ldap_user_store]` section:
    5866
    5967{{{
    6068[ldap_user_store]
    61 url = ldap://wag.bandit-project.org/ou=people,dc=wag,dc=bandit-project,dc=org?uid?sub?(objectClass=inetOrgPerson)
     69#any ldap query url it's usage matches the authldapurl from mod_ldap in apache
     70#http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html#authldapurl
     71url = ldaps://bandit-project.org/ou=people,dc=wag,dc=bandit-project,dc=org?uid?sub?(objectClass=inetOrgPerson)
     72
     73# If your ldap server requires authentication to search for users, please provide that name and password
     74#bind_user =
     75#bind_password =
     76
    6277}}}
    6378
    6479
    65 The InfoCardAccountPlugin configuration section '[infocard_acct] supports the following:
     80The InfoCardAccountPlugin configuration section `[infocard_acct]` supports the following:
    6681{{{
    6782[infocard_acct]
     83#file path to the server's ssl key, required to properly decrypt and validate security tokens
    6884private_key_path = /etc/ssl/private/server.key.unsecure
     85#if the ssl key file requires a pass phrase, please supply that here
     86#private_key_pass_phrase = ifItoldYouItWouldBeBad
     87#Currently only TracDBAssociationStore is supported
    6988association_store = TracDBAssociationStore
    70 private_key_pass_phrase = ifItoldYouItWouldBeBad
     89#Optional setting to display a debug page after accepting a security token
    7190debug = False
    7291}}}
     
    7493
    7594== trac-admin-acct ==
     95This is a configuration tool similar to [http://trac.edgewall.org/wiki/TracAdmin trac-admin].   Before the InfoCardAccountPlugin is fully functional, the configuration tool must be run with at least the initenv card option.
    7696
     97{{{
     98trac-admin-acct /var/trac/rpset initenv card
     99}}}
     100
     101==== usage ====
     102trac-admin-acct supports both command line and interactive modes.
     103
     104===== interactive usage =====
     105For a list of options supported by trac-admin-acct, start the tool giving it the path to the trac [http://trac.edgewall.org/wiki/TracEnvironment environment] and type help.
     106
     107{{{
     108trac-admin-acct /var/trac/rpset
     109>help
     110}}}
     111
     112===== command line usage =====
     113
     114{{{
     115Usage: trac-admin-acct </path/to/projenv> [command [subcommand] [option ...]]
     116
     117Invoking trac-admin-acct without command starts interactive mode.
     118help
     119        -- Show documentation
     120
     121initenv
     122        -- create all the database tables for infocard account manager
     123
     124initenv user
     125        -- create just the user / passwordhash table
     126
     127initenv card
     128        -- create just the cardkey association table
     129
     130cleanenv
     131        -- delete all the database tables for infocard account manager
     132
     133cleanenv user
     134        -- delete just the user / passwordhash table
     135
     136cleanenv card
     137        -- delete just the cardkey association table
     138
     139user list
     140        -- Show user
     141
     142user add <name> <clear text password>
     143        -- Add user
     144
     145user rename <name> <newname>
     146        -- Rename user
     147
     148user remove <name>
     149        -- Remove user (leaves permissions etc.
     150}}}
     151
     152== Gory Details ==
     153=== Account Associations ===
     154=== LDAPUserStore ===
    77155
    78156== Known limitations ==
     
    94172== Author/Contributors ==
    95173
    96 '''Author:''' [wiki:dbuss dbuss] [[BR]]
     174'''Author:''' [wiki:dbuss dbuss], bandit-dev@forge.novell.com [[BR]]
    97175'''Contributors:''' see the setup.py file, this extension utilizes code from several sources.
    98176