#12368 closed defect (worksforme)
Warning: Error with navigation contributor "AccountModule" regardless of config
| Reported by: | Michael Wallis | Owned by: | Steffen Hoffmann |
|---|---|---|---|
| Priority: | high | Component: | AccountManagerPlugin |
| Severity: | major | Keywords: | |
| Cc: | Trac Release: | 1.0 |
Description
Trying to get AccountManagerPlugin running but even with the HtPasswdStore method I get the above warning on every page.
[account-manager] account_changes_notify_addresses = mwallis@----------.com allow_delete_account = false force_passwd_change = false htpasswd_file = /trac/trac.htpasswd htpasswd_hash_type = md5 notify_actions = new password_store = HtPasswdStore persistent_sessions = true refresh_passwd = true reset_password = false verify_email = true [components] acct_mgr.admin.* = enabled acct_mgr.api.* = enabled acct_mgr.db.sessionstore = disabled acct_mgr.htfile.htdigeststore = disabled acct_mgr.htfile.htpasswdstore = enabled acct_mgr.http.* = disabled acct_mgr.notification.* = enabled acct_mgr.pwhash.* = disabled acct_mgr.register.* = enabled acct_mgr.svnserve.svnservepasswordstore = disabled acct_mgr.web_ui.* = enabled acct_mgr.web_ui.resetpwstore = disabled trac.db.mysql_backend.mysqlconnector = disabled trac.db.postgres_backend.postgresqlconnector = disabled trac.web.auth.loginmodule = disabled tracopt.mimeview.enscript.enscriptrenderer = enabled tracopt.mimeview.php.phprenderer = enabled tracopt.perm.config_perm_provider.extrapermissionsprovider = enabled tracopt.ticket.clone.ticketclonebutton = enabled tracopt.ticket.commit_updater.committicketreferencemacro = enabled tracopt.ticket.commit_updater.committicketupdater = enabled tracopt.ticket.deleter.ticketdeleter = enabled tracopt.versioncontrol.git.* = enabled
Attachments (1)
Change History (19)
Changed 9 years ago by
| Attachment: | tracAccountManagerWarning.png added |
|---|
comment:1 follow-up: 2 Changed 9 years ago by
Please provide your Trac version and a DEBUG log of a request, probably obfuscating private content before.
comment:2 Changed 9 years ago by
Replying to hasienda:
Please provide your Trac version and a DEBUG log of a request, probably obfuscating private content before.
Here is a good reference if @reporter isn't sure about sending DEBUG logs: trac:TracTroubleshooting#ChecktheLogs.
comment:3 Changed 9 years ago by
kf6spf: will you be able to provide the logs? If not, we should close this, as it's likely a support issue anyway.
If you reply, please let us know which version of AccountManagerPlugin you are running.
comment:4 Changed 9 years ago by
I managed to get it installed, but I think it was by dint of reinstalling the system using Bitnami's Trac 1.0.5 setup.
Unfortunately, I no longer have the logs from the 1.0.6 install.
comment:5 Changed 9 years ago by
| Resolution: | → worksforme |
|---|---|
| Status: | new → closed |
I guess we call it an installation issue then. Thanks for the reply.
comment:6 Changed 9 years ago by
| Resolution: | worksforme |
|---|---|
| Status: | closed → reopened |
I see the same problem after upgrading Trac from 0.12.3 to 1.0.9 with plugin version 0.4.4.
[components] acct_mgr.admin.* enabled acct_mgr.api.* enabled acct_mgr.db.sessionstore disabled acct_mgr.htfile.htdigeststore enabled acct_mgr.htfile.htpasswdstore disabled acct_mgr.http.* disabled acct_mgr.notification.* enabled acct_mgr.pwhash.* disabled acct_mgr.register.* enabled acct_mgr.svnserve.svnservepasswordstore disabled acct_mgr.web_ui.* enabled acct_mgr.web_ui.loginmodule enabled acct_mgr.web_ui.resetpwstore disabled
[account-manager] htdigest_file = /<my_path>/Trac/Conf/htdigest.txt persistent_sessions = true authentication_url = db_htdigest_realm = force_passwd_change = true hash_method = HtDigestHashMethod htdigest_file = <my_path>\auth\auth.txt htdigest_realm = xxxx password_store = HtDigestStore persistent_sessions = True refresh_passwd = False verify_email = False
With the following change in web_ui.py I see which exception is happening:
def _reset_password_enabled(self, log=False): try: self.store.hash_method except AttributeError: return False except BaseException, e: print e raise return is_enabled(self.env, self.__class__) and \ self.reset_password and (self._write_check(log) != []) and \ is_enabled(self.env, self.store.__class__) and \ self.store.hash_method and True or False
It results in:
Cannot find an implementation of the <tt>IPasswordHashMethod</tt> interface named <tt>HtDigestHashMethod</tt>. Please check that the Component is enabled or update the option <tt>[account-manager] hash_method</tt> in trac.ini..
Enabling the component acct_mgr.pwhash.HtDigestHashMethod seems to fix the problem.
I have to leave it to the developers to decide if this is a bug or just a configuration problem. If it's a configuration issue I think some hint on the AccountManager page might be useful.
comment:7 Changed 9 years ago by
| Resolution: | → worksforme |
|---|---|
| Status: | reopened → closed |
It is a configuration issue. hash_method should only be specified when using SessionStore (i.e. password_store = SessionStore). For your configuration, use:
hash_method =
comment:8 follow-up: 9 Changed 9 years ago by
I had the same problem and can confirm the 'acct_mgr.pwhash.HtDigestHasMethod' recipe from above (thanks Cinc-th) fixes it. Just setting 'hash_method = ' didn't make a difference.
Running Trac 1.0.2 with TracAccountManager 0.4.3 under Apache 2.4.10 on Debian 8.1 box.
comment:9 Changed 9 years ago by
Replying to anonymous:
Just setting 'hash_method = ' didn't make a difference.
Again, hash_method only needs to be set when using SessionStore. You may have gotten the error to go away by specifying a hash_method, but there are many random combinations of configuration options that will help you avoid errors but are not logically correct, or necessary.
comment:10 follow-up: 12 Changed 9 years ago by
You misunderstood comment:8: What the comment is saying is that setting hash_method to the empty string as suggested in comment:7 does not help. I have this issue now with Trac 1.0.8, I tried setting hash_method = to the empty string, even removing it entirely, then restarting Trac. The warning does not go away. I then tried also removing all the other settings that are not relevant for my configuration. Same.
comment:11 Changed 9 years ago by
I actually have to keep hash_method = HtDigestHashMethod and enable the corresponding module even though I'm using the password_store = PhpBBAuthStore.
comment:12 Changed 9 years ago by
Replying to Kevin Kofler:
You misunderstood comment:8: What the comment is saying is that setting hash_method to the empty string as suggested in comment:7 does not help.
There was nothing to misunderstand. Your comment was completely vague and you gave no information about your configuration. comment:6 is not a generally-applicable solution. Others should not be misled into thinking that hash_method needs to be set if they aren't using SessionStore. I have no idea how PhpBBAuthStore works, or what is required.
comment:13 Changed 9 years ago by
Note also that the configuration in comment:6 specifies acct_mgr.db.sessionstore = disabled, which is needed when setting hash_method to an empty value.
The behavior can probably be improved on. I will look into it after the next release.
comment:14 Changed 9 years ago by
comment:8 was not from me, but from an anonymous commenter. But I tried setting hash_method to the empty string as well and it was not working for me either.
I already have acct_mgr.db.sessionstore = disabled. There is still something that wants the hash_method.
The PhpBBAuthStore is yet another plugin. It does its own hashing, matching what phpBB does. So it should not need the hash_method from the AccountManager at all. And it used to work for me with Trac 1.0.1, and also with 0.12.x before, the problem started for me after I upgraded my Trac RPM to 1.0.8.
comment:15 Changed 9 years ago by
The strange thing is that I used the same version of the account manager plugin (0.4.4) under Trac 1.0.1 and did not get this warning there.
comment:16 Changed 9 years ago by
The change in behavior when upgrading from 1.0.1 to 1.0.2 is due to trac:#10285.
AccountManager 0.5dev has been modified to trap the ConfigurationError exception in [14274#file1]. I thought that change had been applied in 0.4.x, but that's not the case, so you are correct that hash_method will need to be defined regardless of whether using SessionStore. This is due to ConfigurationError not being trapped in accountmanagerplugin/tags/acct_mgr-0.4.4/acct_mgr/web_ui.py@:145#L142.
The statements I made previously only apply to AccountManager 0.5dev-r14274 and later.
However, despite the changes in 0.5dev, AccountManagerPlugin can still be modified to behave more nicely when SessionStore is not being used but is enabled.
comment:17 Changed 9 years ago by
So this was fixed over a year ago and the fix still hasn't made it into a stable release?! Sad! :-(
Warning message