Changes between Version 10 and Version 11 of PermRedirectPlugin


Ignore:
Timestamp:
Mar 19, 2015, 3:31:15 PM (9 years ago)
Author:
figaro
Comment:

Cosmetic changes

Legend:

Unmodified
Added
Removed
Modified

  • PermRedirectPlugin

    v10 v11  
    11[[PageOutline(2-5,Contents,pullout)]]
    22
    3 = Redirect users to the login screen on !PermissionError. =
     3= Redirect users to the login screen on !PermissionError
    44
    5 == Description ==
     5== Description
    66
    77This plugin provides two features related to login:
    88
    9  * When an anonymous user attempts to visit a page that he does not have access to, he will be sent to the login screen instead of seeing Trac's built-in "Permission Error: maybe you should log in" page.
     9 * When an anonymous user attempts to visit a page that the user does not have access to, the user will be sent to the login screen instead of seeing Trac's built-in "Permission Error: maybe you should log in" page.
    1010 * The plugin can also be configured to ensure that all access to the login screen occurs over HTTPS.
    1111
    12 These features are independent of one another -- you can install the plugin to provide either feature, or both.
     12These features are independent of one another: you can install the plugin to provide either feature, or both.
    1313
    14 == Usage ==
     14== Bugs/Feature Requests
    1515
    16 To enable:
     16Existing bugs and feature requests for PermRedirectPlugin are
     17[report:9?COMPONENT=PermRedirectPlugin here].
     18
     19If you have any issues, create a
     20[http://trac-hacks.org/newticket?component=PermRedirectPlugin new ticket].
     21
     22[[TicketQuery(component=PermRedirectPlugin&group=type,format=progress)]]
     23
     24== Download ==
     25
     26Download the zipped source from [download:permredirectplugin here]. The eggs are available for installation as pypi:TracPermRedirect.
     27
     28== Source ==
     29
     30You can check out PermRedirectPlugin from [http://trac-hacks.org/svn/permredirectplugin here] using Subversion, or [source:permredirectplugin browse the source] with Trac.
     31
     32== Installation
     33
     34To enable, add the following to the `trac.ini` file:
    1735{{{
    1836#!ini
     
    2341This will enable the "redirect to login screen on permission error" feature.  The "HTTPS only" feature will not be enabled.
    2442
    25 To additionally enable the "HTTPS only" feature, use:
     43== Configuration
     44
     45To additionally enable the "HTTPS only" feature, use the following in the `trac.ini` file:
    2646{{{
    2747#!ini
     
    3050}}}
    3151
    32 To enable the "HTTPS only" feature and disable the "redirect to login screen on permission error" feature, use:
     52To enable the "HTTPS only" feature and disable the "redirect to login screen on permission error" feature, use the following in the `trac.ini` file:
    3353{{{
    3454#!ini
     
    3858}}}
    3959
    40 == HTTPS Only ==
     60== HTTPS Only
    4161
    42 The plugin provides a feature to ensure that all requests to the login page occur over HTTPS, which can be enabled per the "usage" section above.  This will intercept all requests to http://hostname.com/login and redirect them to https://hostname.com/login instead.  In order for this feature to work, you must configure your web server to accept HTTPS requests on port 443.  This feature will only work if your web server is serving HTTP requests on port 80 and HTTPS requests on port 443; no other configurations are currently supported.  Also, '''this feature should only be enabled if you are using AccountManager to handle login.'''  If your site's login occurs in the web server (e.g. Apache authentication) then this feature will not be able to secure your login handler.
     62The plugin provides a feature to ensure that all requests to the login page occur over HTTPS, which can be enabled per the "usage" section above. This will intercept all requests to http://hostname.com/login and redirect them to https://hostname.com/login instead. For this feature to work, you must configure your web server to accept HTTPS requests on port 443. This feature will only work if your web server is serving HTTP requests on port 80 and HTTPS requests on port 443; no other configurations are currently supported. Also, '''this feature should only be enabled if you are using AccountManager to handle login.''' If your site's login occurs in the web server, eg Apache authentication, then this feature will not be able to secure your login handler.
    4363
    44 It is also possible to implement a similar feature without this plugin at all, using `RewriteRules` in your Apache configuration.  This alternative approach must be used if you are handling login through the Apache web server. Your Apache configuration would include lines like:
     64It is also possible to implement a similar feature without this plugin at all, using `RewriteRules` in your Apache configuration. This alternative approach must be used if you are handling login through the Apache web server. Your Apache configuration would include lines like:
    4565{{{
    4666# Redirect all login pages to https
     
    4969}}}
    5070
    51 (Note the `[NE]` (no-escape) flag -- this is important!  See "Frequently Asked Questions" below.)
     71Note the `[NE]` (no-escape) flag, this is important! See "Frequently Asked Questions" below.
    5272
    5373For more details, see the various example configurations posted in comments at http://trac.edgewall.org/ticket/4733
    5474
    55 == Frequently Asked Questions ==
     75== Frequently Asked Questions
    5676
    57  * After logging in, Trac always loads the home page, instead of the page the user came from.  On the login page, the `?referer` query string is double-quoted (double-encoded), and looks like `?referer=http%253A%252F%252Fthe_host%252Fthe_project%252Ftimeline` (with the "%" in "%3A" re-quoted to create "%253A") instead of `?http%3A%2F%2Fthe_host%2Fthe_project%252Ftimeline`.
     77 * After logging in, Trac always loads the home page, instead of the page the user came from. On the login page, the `?referer` query string is double-quoted (double-encoded), and looks like `?referer=http%253A%252F%252Fthe_host%252Fthe_project%252Ftimeline` (with the "%" in "%3A" re-quoted to create "%253A") instead of `?http%3A%2F%2Fthe_host%2Fthe_project%252Ftimeline`.
    5878
    59 This is caused by a faulty Apache configuration.  You are probably using a `RewriteRule` to redirect login over HTTPS.  You must use the `[NE]` (no-escape) flag on your `RewriteRule` to prevent double-quoting. For more information, see http://trac-hacks.org/ticket/2210#comment:36
     79This is caused by a faulty Apache configuration. You are probably using a `RewriteRule` to redirect login over HTTPS. You must use the `[NE]` (no-escape) flag on your `RewriteRule` to prevent double-quoting. For more information, see http://trac-hacks.org/ticket/2210#comment:36
    6080
    61 == Bugs/Feature Requests ==
    62 
    63 Existing bugs and feature requests for PermRedirectPlugin are
    64 [report:9?COMPONENT=PermRedirectPlugin here].
    65 
    66 If you have any issues, create a
    67 [http://trac-hacks.org/newticket?component=PermRedirectPlugin new ticket].
    68 
    69 == Download ==
    70 
    71 Download the zipped source from [download:permredirectplugin here]. The eggs are available for installation on [http://pypi.python.org/pypi/TracPermRedirect PyPI].
    72 
    73 == Source ==
    74 
    75 You can check out PermRedirectPlugin from [http://trac-hacks.org/svn/permredirectplugin here] using Subversion, or [source:permredirectplugin browse the source] with Trac.
    76 
    77 == Recent Changes ==
     81== Recent Changes
    7882
    7983[[ChangeLog(permredirectplugin, 3)]]
    8084
    81 == Author/Contributors ==
     85== Author/Contributors
    8286
    8387'''Author:''' [wiki:coderanger] [[BR]]