Modify

Opened 9 years ago

Closed 9 years ago

Last modified 9 years ago

#12368 closed defect (worksforme)

Warning: Error with navigation contributor "AccountModule" regardless of config

Reported by: Michael Wallis Owned by: Steffen Hoffmann
Priority: high Component: AccountManagerPlugin
Severity: major Keywords:
Cc: Trac Release: 1.0

Description

Trying to get AccountManagerPlugin running but even with the HtPasswdStore method I get the above warning on every page.

[account-manager]
account_changes_notify_addresses = mwallis@----------.com
allow_delete_account = false
force_passwd_change = false
htpasswd_file = /trac/trac.htpasswd
htpasswd_hash_type = md5
notify_actions = new
password_store = HtPasswdStore
persistent_sessions = true
refresh_passwd = true
reset_password = false
verify_email = true

[components]
acct_mgr.admin.* = enabled
acct_mgr.api.* = enabled
acct_mgr.db.sessionstore = disabled
acct_mgr.htfile.htdigeststore = disabled
acct_mgr.htfile.htpasswdstore = enabled
acct_mgr.http.* = disabled
acct_mgr.notification.* = enabled
acct_mgr.pwhash.* = disabled
acct_mgr.register.* = enabled
acct_mgr.svnserve.svnservepasswordstore = disabled
acct_mgr.web_ui.* = enabled
acct_mgr.web_ui.resetpwstore = disabled
trac.db.mysql_backend.mysqlconnector = disabled
trac.db.postgres_backend.postgresqlconnector = disabled
trac.web.auth.loginmodule = disabled
tracopt.mimeview.enscript.enscriptrenderer = enabled
tracopt.mimeview.php.phprenderer = enabled
tracopt.perm.config_perm_provider.extrapermissionsprovider = enabled
tracopt.ticket.clone.ticketclonebutton = enabled
tracopt.ticket.commit_updater.committicketreferencemacro = enabled
tracopt.ticket.commit_updater.committicketupdater = enabled
tracopt.ticket.deleter.ticketdeleter = enabled
tracopt.versioncontrol.git.* = enabled

Attachments (1)

tracAccountManagerWarning.png (59.6 KB) - added by Michael Wallis 9 years ago.
Warning message

Download all attachments as: .zip

Change History (19)

Changed 9 years ago by Michael Wallis

Warning message

comment:1 Changed 9 years ago by Steffen Hoffmann

Please provide your Trac version and a DEBUG log of a request, probably obfuscating private content before.

comment:2 in reply to:  1 Changed 9 years ago by Ryan J Ollos

Replying to hasienda:

Please provide your Trac version and a DEBUG log of a request, probably obfuscating private content before.

Here is a good reference if @reporter isn't sure about sending DEBUG logs: trac:TracTroubleshooting#ChecktheLogs.

comment:3 Changed 9 years ago by Ryan J Ollos

kf6spf: will you be able to provide the logs? If not, we should close this, as it's likely a support issue anyway.

If you reply, please let us know which version of AccountManagerPlugin you are running.

comment:4 Changed 9 years ago by Michael Wallis

I managed to get it installed, but I think it was by dint of reinstalling the system using Bitnami's Trac 1.0.5 setup.

Unfortunately, I no longer have the logs from the 1.0.6 install.

comment:5 Changed 9 years ago by Ryan J Ollos

Resolution: worksforme
Status: newclosed

I guess we call it an installation issue then. Thanks for the reply.

comment:6 Changed 9 years ago by Cinc-th

Resolution: worksforme
Status: closedreopened

I see the same problem after upgrading Trac from 0.12.3 to 1.0.9 with plugin version 0.4.4.

[components]
acct_mgr.admin.* 	 	 	 	enabled
acct_mgr.api.* 	 	 	 	 	enabled
acct_mgr.db.sessionstore 	 	 	disabled
acct_mgr.htfile.htdigeststore 	 	 	enabled
acct_mgr.htfile.htpasswdstore 	 	 	disabled
acct_mgr.http.* 	 	 	 	disabled
acct_mgr.notification.* 	 	 	enabled
acct_mgr.pwhash.* 	 	 	 	disabled
acct_mgr.register.* 	 	 	 	enabled
acct_mgr.svnserve.svnservepasswordstore 	disabled
acct_mgr.web_ui.* 	 	 	 	enabled
acct_mgr.web_ui.loginmodule 	 	 	enabled
acct_mgr.web_ui.resetpwstore 	 	 	disabled
[account-manager]
htdigest_file = /<my_path>/Trac/Conf/htdigest.txt
persistent_sessions = true
authentication_url =
db_htdigest_realm =
force_passwd_change = true
hash_method = HtDigestHashMethod
htdigest_file = <my_path>\auth\auth.txt
htdigest_realm = xxxx
password_store = HtDigestStore
persistent_sessions = True
refresh_passwd = False
verify_email = False

With the following change in web_ui.py I see which exception is happening:

    def _reset_password_enabled(self, log=False):
        try:
            self.store.hash_method
        except AttributeError:
            return False
        except BaseException, e:
            print e
            raise
        return is_enabled(self.env, self.__class__) and \
               self.reset_password and (self._write_check(log) != []) and \
               is_enabled(self.env, self.store.__class__) and \
               self.store.hash_method and True or False

It results in:

Cannot find an implementation of the <tt>IPasswordHashMethod</tt> interface named <tt>HtDigestHashMethod</tt>. Please check that the Component is enabled or update the option <tt>[account-manager] hash_method</tt> in trac.ini..

Enabling the component acct_mgr.pwhash.HtDigestHashMethod seems to fix the problem.

I have to leave it to the developers to decide if this is a bug or just a configuration problem. If it's a configuration issue I think some hint on the AccountManager page might be useful.

comment:7 Changed 9 years ago by Ryan J Ollos

Resolution: worksforme
Status: reopenedclosed

It is a configuration issue. hash_method should only be specified when using SessionStore (i.e. password_store = SessionStore). For your configuration, use:

hash_method = 
Last edited 9 years ago by Ryan J Ollos (previous) (diff)

comment:8 Changed 9 years ago by anonymous

I had the same problem and can confirm the 'acct_mgr.pwhash.HtDigestHasMethod' recipe from above (thanks Cinc-th) fixes it. Just setting 'hash_method = ' didn't make a difference.

Running Trac 1.0.2 with TracAccountManager 0.4.3 under Apache 2.4.10 on Debian 8.1 box.

comment:9 in reply to:  8 Changed 9 years ago by Ryan J Ollos

Replying to anonymous:

Just setting 'hash_method = ' didn't make a difference.

Again, hash_method only needs to be set when using SessionStore. You may have gotten the error to go away by specifying a hash_method, but there are many random combinations of configuration options that will help you avoid errors but are not logically correct, or necessary.

comment:10 Changed 9 years ago by Kevin Kofler

You misunderstood comment:8: What the comment is saying is that setting hash_method to the empty string as suggested in comment:7 does not help. I have this issue now with Trac 1.0.8, I tried setting hash_method = to the empty string, even removing it entirely, then restarting Trac. The warning does not go away. I then tried also removing all the other settings that are not relevant for my configuration. Same.

comment:11 Changed 9 years ago by Kevin Kofler

I actually have to keep hash_method = HtDigestHashMethod and enable the corresponding module even though I'm using the password_store = PhpBBAuthStore.

comment:12 in reply to:  10 Changed 9 years ago by Ryan J Ollos

Replying to Kevin Kofler:

You misunderstood comment:8: What the comment is saying is that setting hash_method to the empty string as suggested in comment:7 does not help.

There was nothing to misunderstand. Your comment was completely vague and you gave no information about your configuration. comment:6 is not a generally-applicable solution. Others should not be misled into thinking that hash_method needs to be set if they aren't using SessionStore. I have no idea how PhpBBAuthStore works, or what is required.

comment:13 Changed 9 years ago by Ryan J Ollos

Note also that the configuration in comment:6 specifies acct_mgr.db.sessionstore = disabled, which is needed when setting hash_method to an empty value.

The behavior can probably be improved on. I will look into it after the next release.

Last edited 9 years ago by Ryan J Ollos (previous) (diff)

comment:14 Changed 9 years ago by Kevin Kofler

comment:8 was not from me, but from an anonymous commenter. But I tried setting hash_method to the empty string as well and it was not working for me either.

I already have acct_mgr.db.sessionstore = disabled. There is still something that wants the hash_method.

The PhpBBAuthStore is yet another plugin. It does its own hashing, matching what phpBB does. So it should not need the hash_method from the AccountManager at all. And it used to work for me with Trac 1.0.1, and also with 0.12.x before, the problem started for me after I upgraded my Trac RPM to 1.0.8.

comment:15 Changed 9 years ago by Kevin Kofler

The strange thing is that I used the same version of the account manager plugin (0.4.4) under Trac 1.0.1 and did not get this warning there.

comment:16 Changed 9 years ago by Ryan J Ollos

The change in behavior when upgrading from 1.0.1 to 1.0.2 is due to trac:#10285.

AccountManager 0.5dev has been modified to trap the ConfigurationError exception in [14274#file1]. I thought that change had been applied in 0.4.x, but that's not the case, so you are correct that hash_method will need to be defined regardless of whether using SessionStore. This is due to ConfigurationError not being trapped in accountmanagerplugin/tags/acct_mgr-0.4.4/acct_mgr/web_ui.py@:145#L142.

The statements I made previously only apply to AccountManager 0.5dev-r14274 and later.

However, despite the changes in 0.5dev, AccountManagerPlugin can still be modified to behave more nicely when SessionStore is not being used but is enabled.

comment:17 Changed 9 years ago by Kevin Kofler

So this was fixed over a year ago and the fix still hasn't made it into a stable release?! Sad! :-(

comment:18 Changed 9 years ago by Ryan J Ollos

See #12569. We could use more contributors.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Steffen Hoffmann.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.