Opened 11 years ago

Closed 7 years ago

Reported by: Owned by: Noah Kantrowitz Steffen Hoffmann normal AccountManagerPlugin normal code integration John Hampton, Brad Anderson, Noah Kantrowitz, Gunnar Wagenknecht, Mikhail Gusarov, Ryan J Ollos 0.8

Description

We clearly have too many implementations of alternate login mechanisms:

Given that Matt has made an extension point for this kind of thing, I propose that we merge both AuthForm and DbAuth into AccountManager.

comment:1 Changed 11 years ago by Brad Anderson

Whoops, didn't see this ticket before I added #174, #175, #176. I'm all for the merge.

comment:2 Changed 11 years ago by Matt Good

Yeah, I was going to bring that up when I saw DbAuthPlugin mentioned on the mailing list. Patches are welcome. The HTTP authentication used by AuthFormPlugin should be possible for validating users, though it won't be possible to implement the methods for listing/editing users.

comment:3 Changed 11 years ago by adeason@…

I don't think AuthFormPlugin needs to be integrated with Db/AccountManager. The idea behind it is that you can use any kind of HTTP authentication method to use with it, and doesn't need to be managed by Trac. You could use any Apache module to auth off of Kerberos or LDAP or MySQL or whatever (or write some CGI to write your own). You could have a Trac module to manage accounts in a database and use that for HTTP auth with AuthForm, but they are still definitely separate things.

comment:4 Changed 11 years ago by Matt Good

Status: new → assigned

adeason@…: the point is that the AccountManagerPlugin also supports form-based authentication, so it's kind of redundant. As I said, the HTTP authentication could be added to AccountManager, so it's not necessary to keep it as a separate plugin.

comment:5 Changed 11 years ago by Gunnar Wagenknecht

Cc: Gunnar Wagenknecht added → 0.8

comment:6 Changed 10 years ago by Matt Good

(In [1534]) * add an HttpAuthStore to support logins by checking the password against

HTTP authentication for a URL (re #173)

• update the modules to check whether the current password store supports writing passwords or deleting accounts

comment:7 follow-up:  9 Changed 10 years ago by Mikhail Gusarov

OpenidPlugin is another authentication plugin which can be integrated.

comment:9 in reply to:  7 Changed 10 years ago by anonymous

OpenidPlugin is another authentication plugin which can be integrated.

Openid is pretty cool and I'm considering using it for one of my sites, but I don't think the OpenidPlugin will benefit from being part of the AccountManagerPlugin. The OpenidPlugin doesn't fit into any of the interfaces provided by the AccountManagerPlugin since it's very different from the username/password backends supported by the AccountManager. I don't really see any place they overlap, so I think it's best if they remain separate.

comment:10 Changed 10 years ago by Matt Good

Oops, that "anonymous" was me.

comment:11 follow-up:  12 Changed 10 years ago by Mikhail Gusarov

Then OpenIdPlugin and AccountManager plugin will be incompatible forever. I think it's possible to refactor AccountManagerPlugin a bit to separate account from the credentials, and then associate account with multiple types of credentials (password, SSL cert, OpenId identity etc).

comment:12 in reply to:  11 ; follow-up:  14 Changed 10 years ago by Matt Good

I think it's possible to refactor AccountManagerPlugin a bit to separate account from the credentials, and then associate account with multiple types of credentials (password, SSL cert, OpenId identity etc).

That's beyond the scope of this ticket. This ticket is just meant to address the overlap between the several plugins that all implemented basically the same username/password style login forms. If you have some needs for integrating the Openid and AccountManager plugins please open a new ticket for that.

comment:13 Changed 7 years ago by Steffen Hoffmann

Cc: John Hampton Ryan J Ollos added code integration added changed from Matt Good to John Hampton assigned → new

I there still something to be done? Given the low interest within the past 4(!) years this is somewhat hard to believe.

comment:14 in reply to:  12 Changed 7 years ago by Steffen Hoffmann

Owner: changed from John Hampton to Steffen Hoffmann

I think it's possible to refactor AccountManagerPlugin a bit to separate account from the credentials, and then associate account with multiple types of credentials (password, SSL cert, OpenId identity etc).

That's beyond the scope of this ticket. This ticket is just meant to address the overlap between the several plugins that all implemented basically the same username/password style login forms. If you have some needs for integrating the !Openid and AccountManager plugins please open a new ticket for that.

Right, I'll follow that approach. The initial request has been fulfilled, since the other plugins in question are currently depreciated in favor of AccountManagerPlugin.

comment:15 Changed 7 years ago by Steffen Hoffmann

Resolution: → fixed new → closed

#1061 might have been open as this new ticket. I've taken care to mention this ticket there. Nothing more to be done here, as far as I can see.

Modify Ticket

Change Properties