Opened 12 years ago
Closed 12 years ago
#10094 closed defect (worksforme)
SessionStore and user verification
| Reported by: | Peter Bolla | Owned by: | Steffen Hoffmann |
|---|---|---|---|
| Priority: | normal | Component: | AccountManagerPlugin |
| Severity: | normal | Keywords: | SessionStore |
| Cc: | Trac Release: | 0.12 |
Description
In my setup I store passwords with SessionStore, and I have a sql view, that is appropriate for apache db based authentication module. Authentication is then done by HTTP auth, and required on the whole site (not only /login path). This works perfectly for existing users.
AccountManagerPlugin is used to create users, and to do email verification. When I create a new user, 3 new records are created in session_attribute, and none in session. When the new user logs in, these does not change. (I guess session table should have changed.) Also, when the user switches to the preferences panel, nothing is filled, although, name and email were given when creating the user.
And the biggest problem is, that when the user types her name, email address, and presses submit, a new record is created in session table, and the name and email are inserted into session_attributes, but password is removed, thus the user won't be able to log in again until I fix it manually.
I might have misinterpreted something, but I am stuck now. Do you have any idea?
version: latest svn trunk and 0.11 branch as well.
Actually this setup worked with an earlier version, but after an update this error occurred. Unfortunately I don't know, which version I had before the update...
config:
[account-manager] account_changes_notify_addresses = hash_method = HtPasswdHashMethod notify_actions = new,delete password_store = SessionStore user_lock_max_time = 0 [components] acct_mgr.admin.accountmanageradminpage = enabled acct_mgr.db.sessionstore = enabled acct_mgr.guard.accountguard = enabled acct_mgr.htfile.abstractpasswordfilestore = disabled acct_mgr.htfile.htdigeststore = disabled acct_mgr.htfile.htpasswdstore = disabled acct_mgr.http.httpauthstore = disabled acct_mgr.pwhash.htdigesthashmethod = disabled acct_mgr.pwhash.htpasswdhashmethod = enabled acct_mgr.svnserve.svnservepasswordstore = disabled acct_mgr.web_ui.loginmodule = disabled acct_mgr.web_ui.registrationmodule = disabled acct_mgr.web_ui.resetpwstore = disabled trac.web.auth.loginmodule = enabled
Attachments (0)
Change History (4)
comment:1 Changed 12 years ago by
| Keywords: | SessionStore added |
|---|
comment:2 Changed 12 years ago by
Actually, the issue disappeared when our server provider updated the core Trac setup to a presumably newer version. So probably the whole issue was more related to Trac itself then the AccountManagerPlugin.
comment:4 Changed 12 years ago by
| Resolution: | → worksforme |
|---|---|
| Status: | new → closed |
Ok then, let's settle the case.
This is most probably a duplicate of #9843.
Would you be so kind as to re-check with code from [11826] or (preferably) a more recent revision?