Opened 3 years ago

Last modified 19 months ago

#11038 accepted defect

Login fails due to issues with opening sibling Trac environments

Reported by: hasienda Owned by: hasienda
Priority: normal Component: AccountManagerPlugin
Severity: normal Keywords: login
Cc: rjollos Trac Release: 0.11

Description (last modified by hasienda)

The following issue has been reported to trac-users mailing-list by Mario Fetka:

i get this error when i login to trac that is running via tracd via ajp via apache2.

i get a traceback only when logging in as admin:

File "/usr/lib64/python2.7/site-packages/trac/web/", line 522,
in _dispatch_request
File "/usr/lib64/python2.7/site-packages/trac/web/", line 243,
in dispatch
  resp = chosen_handler.process_request(req)
File "/usr/lib64/python2.7/site-packages/acct_mgr/", line
428, in process_request
  return auth.LoginModule.process_request(self, req)
File "/usr/lib64/python2.7/site-packages/trac/web/", line 115,
in process_request
File "/usr/lib64/python2.7/site-packages/acct_mgr/", line
539, in _do_login
  self._distribute_cookie(req, cookie.value)
File "/usr/lib64/python2.7/site-packages/acct_mgr/", line
586, in _distribute_cookie
  env = open_environment(path, use_cache=True)
File "/usr/lib64/python2.7/site-packages/trac/", line 659, in
  env = env_cache.setdefault(env_path, open_environment(env_path))
File "/usr/lib64/python2.7/site-packages/trac/", line 665, in
  env = Environment(env_path)
File "/usr/lib64/python2.7/site-packages/trac/", line 216, in __init__
File "/usr/lib64/python2.7/site-packages/trac/", line 319, in verify
  assert == 'Trac Environment Version 1'

Attachments (0)

Change History (4)

comment:1 Changed 3 years ago by hasienda

Seems like login code related to the recently introduced Single-Sign-On functionality for multiple Trac environments inside a parent directory should be improved to become more robust. Thanks for the report.

comment:2 Changed 3 years ago by hasienda

  • Description modified (diff)

comment:3 Changed 3 years ago by hasienda

(In [13015]) AccountManagerPlugin: Improve authentication data distribution, refs #11038.

While aiming at graceful handling of probably failing open_environment() calls I realized some issues, that have been subsequently corrected:

  • acct_mgr.web_ui.LoginModule._get_name_for_cookie: transient configuration changes - not thread-safe
  • acct_mgr.web_ui.LoginModule._get_name_for_cookie: 'req.remote_user' unavailable on regular requests, causing authentication data distribution to fail or update data for persistent sessions with invalid session ID
  • acct_mgr.web_ui.LoginModule._expire_cookie: use of a class attribute as cache across requests - not thread-safe
  • unconditional authentication data distribution attempts: should only act on explicite local configuration of option 'auth_cookie_path'

comment:4 Changed 19 months ago by hasienda

  • Status changed from new to accepted

Add Comment

Modify Ticket

as accepted The owner will remain hasienda.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.