wiki:InfoCardAccountPlugin

Version 1 (modified by dbuss, 7 years ago) (diff)

--

Information Card Account Management Plugin

Abstract

This extension allows Information Cards to be associated with existing accounts and then used as an authentication mechanism to a Trac system.

License

The extension is distributed to you under the lgpl, please note that it includes works copyrighted by others and release under permissive licenses such as BSD, Beerware and the Trac license.

Requirements

This plugin works with Trac 0.11.

If you use the LDAP user store module then the Python LDAP module is required.

To create and install an egg file you need to have a recent version of setuptools installed.
Please refer to the TracPlugins page for additional information about plugin installation.

Download

Installation

  • Build the egg file following the plugin packaging instructions
  • Copy the dist/LdapPlugin-0.x.x-py2.n.egg file in your plugins project directory. The name as found on your system will have the current version number for the plugin and python in the name, replacing the x.x and py2.x components.
  • #Configuration Configure the plugin
  • Use #trac-admin-acct trac-admin-acct to

Configuration

You need to customize the trac.ini file of your project, then

  1. Optionally add the path to your plugin directory.
  2. Enable 'account-manager' and infocard_acct in [components] section, so that the Trac engine loads and uses this extension.
  3. Configure account-manager.
  4. Create a new section [infocard_acct] in the .ini file

To properly enable plugin you must disable trac and account manager's LoginModules, and enable account manager and infocard account componenets. In the [components] section of trac.ini:

[components]
trac.web.auth.LoginModule = disabled
acct_mgr.*=enabled
acct_mgr.web_ui.LoginModule=disabled
infocard_acct.* = enabled

For complete details on configuring the AccountManagerPlugin please visit AccountManagerPlugin. The InfoCardAccountPlugin adds two new password stores, TracDBUserStore and LDAPUserStore which are enabled as follows:

[account-manager]
password_store = LDAPUserStore

If you use the LDAPUserStore then the following options are supported in the '[ldap_user_store'] section:

[ldap_user_store]
url = ldap://wag.bandit-project.org/ou=people,dc=wag,dc=bandit-project,dc=org?uid?sub?(objectClass=inetOrgPerson)

The InfoCardAccountPlugin configuration section '[infocard_acct] supports the following:

[infocard_acct]
private_key_path = /etc/ssl/private/server.key.unsecure
association_store = TracDBAssociationStore
private_key_pass_phrase = ifItoldYouItWouldBeBad
debug = False

trac-admin-acct

Known limitations

Tickets

ToDo list

Tickets

Testing

In addition to the unit tests and developer tests run this was also part of an OSIS interop event, all issues identified at that event have been resolved.

Testing has been primarily on opensuse versions of Linux.

History

  • v0.1: First crack at extending the AccountManagerPlugin to support LDAP and the Trac database as user stores, and accept Information Cards as an authentication mechanism from any user store.

Author/Contributors

Author: dbuss
Contributors: see the setup.py file, this extension utilizes code from several sources.

TagIt(dbuss,0.11,plugin)?