Opened 16 years ago
Closed 12 years ago
#4677 closed defect (fixed)
[patch] Admin based chaining HtDigestStore & HtPasswdStore breaks configuration
Reported by: | jerry2038 | Owned by: | Steffen Hoffmann |
---|---|---|---|
Priority: | normal | Component: | AccountManagerPlugin |
Severity: | major | Keywords: | configuration conflict |
Cc: | Trac Release: | 0.11 |
Description (last modified by )
I am running Trac 0.11 on Centos 5.2.
I installed AccountManagerPlugin and configured an HtDigestStore module using the file trac.htdigest
. Got everything working. Playing with chaining stores together (eventual goal is HtDigest + LDAP), I enabled the HtPasswdStore and then visited /trac/admin/accounts/config to configure. I set priority of HtDigestStore to 1 and priority of HtPasswdStore to 2 and set the file for HtPasswdStore to trac.htpasswd
.
Clicked on save.
Visited the filename field for HtDigestStore and it had changed from trac.htdigest
to trac.htpasswd
.
Now it maybe that these two modules cannot be chained. For instance, the ini file only specifies ONE password_file, not two.
If the two cannot be changed, somehow that should be indicated to the user.
Attachments (1)
Change History (8)
comment:1 Changed 14 years ago by
Keywords: | needinfo configuration conflict added |
---|---|
Owner: | changed from John Hampton to Steffen Hoffmann |
comment:2 Changed 14 years ago by
See #5550, as it could be relevant and maybe even should be implemented together with allowing «mixed» configurations as suggested here.
Changed 14 years ago by
Attachment: | 20110625_acct-mgr_fx-4677.patch added |
---|
allow password file configuration per file store type
comment:3 Changed 14 years ago by
Keywords: | needinfo removed |
---|---|
Severity: | normal → major |
Status: | new → assigned |
Summary: | AMP: Admin based chaining HtDigestStore & HtPasswdStore breaks configuration → [patch] Admin based chaining HtDigestStore & HtPasswdStore breaks configuration |
Replying to jerry2038:
![...] Now it maybe that these two modules cannot be chained. For instance, the ini file only specifies ONE password_file, not two.
Right, so the 1st patch (aplies on top of r10371) just does the foreseeable thing: It creates two new configuration options
- htdigest_password_file
- htpasswd_password_file
that must be used instead. The old password_file
won't show up anymore.
While not a hack, this may still be a preliminary workaround, as I'm not sure about a good design for #5550. Patches welcome.
comment:4 Changed 13 years ago by
(In [10396]) AccountManagerPlugin: Add separate password files for each AbstractPasswordFileStore
implementation, refs #4677.
Creates two new configuration options
- htdigest_file
- htpasswd_file
allow setup of HtDigestStore
and HtPasswdStore
with separate password
files for concurrent use.
Beware: If you used one of these authentication stores before, you'll need to
rename password_file
option to the appropriate new option name to avoid
a painful DOS situation on login. Better login before upgrading and make sure
to check the account config admin page after upgrade and before logging out.
comment:5 Changed 13 years ago by
(In [10496]) AccountManagerPlugin: Denote recent changes in message strings, refs #4677 and #8791.
The generic option password_file
is now explicitly depreciated.
comment:7 Changed 12 years ago by
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
(In [12398]) AccountManagerPlugin: Releasing version 0.4, pushing development to acct_mgr-0.5dev.
Availability of that code as stable release closes #874, #3459, #4677, #5295, #5691, #6616, #7577, #8076, #8685, #8770, #8791, #8990, #9052, #9079, #9090, #9139, #9246, #9252, #9547, #9618, #9676, #9843, #9852, #9940, #10023, #10028, #10123, #10142, #10204, #10276, #10397, #10412, #10594, #10625 and #10644.
Some more issues have been worked-on, yet without confirmed resolution,
refs #5464 (for JiraToTracIntegration
), #8927 and #10134.
And finally there are some issues and enhancement requests showing progress, but known to require more work to resolve them satisfactorily, refs #843, #1600, #5964, #8217, #8933.
Thanks to all contributors and followers, that enabled and encouraged a good portion of this development work.
Q: What is «AMP»?
Anyway, the request looks reasonable enough, to try to resolve it. As I haven't done much research into the concurrent AuthStore setup special case, it'll still take some time, before I get a clue myself. Patch welcome.