Opened 4 years ago

Closed 4 years ago

#11032 closed defect (invalid)

sessionstore and subversion authorization

Reported by: juan Owned by: Steffen Hoffmann
Priority: normal Component: AccountManagerPlugin
Severity: normal Keywords: SessionStore
Cc: Ryan J Ollos Trac Release: 0.12



Is it possible to use sessionstore for subversion authorization?

In my configuration I activate sessionstore module, define it as password store and use mysql as project database

acct_mgr.db.sessionstore = enabled
trac.web.auth.loginmodule = disabled
acct_mgr.pwhash.htdigesthashmethod = disabled
acct_mgr.pwhash.htpasswdhashmethod = enabled

password_store = SessionStore
hash_method = HtPasswdHashMethod
htpasswd_hash_type = md5

database = mysql://admin:pwd@localhost/projectName

I try to add subversion Authentication in my httpd.conf but I can not follow procedure defined in:

because the session_attribute table where password are stored do not follow the recomended structure

I tryed this configuratin but apache do not seems to find the credentials

    <Location /sources/projectName>
      DAV svn
      SVNPath /home/repositories/projectName
      AuthType Basic
      AuthName "Connect to project repository using your trac credentials"
      AuthzSVNAccessFile /var/trac/project/conf/authzscm.conf

      AuthMySQLHost localhost
      AuthMySQLUser admin
      AuthMySQLPassword pwd
      AuthMySQLDB projectName
      AuthMysqlUserTable session_attribute
      AuthMySQLPwEncryption md5
      AuthMySQLNameField sid
      AuthMySQLPasswordField value
      AuthMySQLUserCondition name=password
      AuthMySQLEnable on
      Require valid-user

Someone has a better idea? thanks

I use TracAccountManager 0.3 Trac 0.12.3

Attachments (0)

Change History (1)

comment:1 in reply to:  description Changed 4 years ago by Steffen Hoffmann

Cc: Ryan J Ollos added; anonymous removed
Keywords: SessionStore added
Resolution: invalid
Status: newclosed

Replying to cabrera:


Is it possible to use sessionstore for subversion authorization?

No, as you already found out. And it was never advertised nor intended, so creating a defect ticket against this plugin doesn't help.

Use the mailing-list for attempts to get installation/configuration support or more, please. Creating tickets for such requests in our plugin development ticket system is deemed a rather aggressive way to attract attention, so is commonly discouraged and disliked.

Someone has a better idea?

Yes. Best starting point would be wiki:AccountManagerPlugin/AuthStores, did you see that before?

I.e. you could do it the other way round using SvnServePasswordStore. Or try one of SQLAuthStorePlugin and SQLFlexibleAuthStorePlugin, that use a dedicated db table unlike SessionStore, that reuses a Trac core db table and naturally suffers from its limitations.

Modify Ticket

as closed The owner will remain Steffen Hoffmann.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment

E-mail address and name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.