[patch] Admin based chaining HtDigestStore & HtPasswdStore breaks configuration

[jerry2038]

I am running Trac 0.11 on Centos 5.2.

I installed AccountManagerPlugin and configured an HtDigestStore module using the file trac.htdigest. Got everything working. Playing with chaining stores together (eventual goal is HtDigest + LDAP), I enabled the HtPasswdStore and then visited /trac/admin/accounts/config to configure. I set priority of HtDigestStore to 1 and priority of HtPasswdStore to 2 and set the file for HtPasswdStore to trac.htpasswd.

Clicked on save.

Visited the filename field for HtDigestStore and it had changed from trac.htdigest to trac.htpasswd.

Now it maybe that these two modules cannot be chained. For instance, the ini file only specifies ONE password_file, not two.

If the two cannot be changed, somehow that should be indicated to the user.

[Steffen Hoffmann]

Q: What is «AMP»?

Anyway, the request looks reasonable enough, to try to resolve it. As I haven't done much research into the concurrent AuthStore setup special case, it'll still take some time, before I get a clue myself. Patch welcome.

[Steffen Hoffmann]

See #5550, as it could be relevant and maybe even should be implemented together with allowing «mixed» configurations as suggested here.

[Steffen Hoffmann]

allow password file configuration per file store type

[Steffen Hoffmann]

Replying to jerry2038:

![...] Now it maybe that these two modules cannot be chained. For instance, the ini file only specifies ONE password_file, not two.

Right, so the 1st patch (aplies on top of r10371) just does the foreseeable thing: It creates two new configuration options

• htdigest_password_file
• htpasswd_password_file

that must be used instead. The old password_file won't show up anymore.

While not a hack, this may still be a preliminary workaround, as I'm not sure about a good design for #5550. Patches welcome.

[Steffen Hoffmann]

(In [10396]) AccountManagerPlugin: Add separate password files for each AbstractPasswordFileStore implementation, refs #4677.

Creates two new configuration options

• htdigest_file
• htpasswd_file

allow setup of HtDigestStore and HtPasswdStore with separate password files for concurrent use.

Beware: If you used one of these authentication stores before, you'll need to rename password_file option to the appropriate new option name to avoid a painful DOS situation on login. Better login before upgrading and make sure to check the account config admin page after upgrade and before logging out.

[Steffen Hoffmann]

(In [10496]) AccountManagerPlugin: Denote recent changes in message strings, refs #4677 and #8791.

The generic option password_file is now explicitly depreciated.

[Steffen Hoffmann]

improved report text formatting

[Steffen Hoffmann]

(In [12398]) AccountManagerPlugin: Releasing version 0.4, pushing development to acct_mgr-0.5dev.

Availability of that code as stable release closes #874, #3459, #4677, #5295, #5691, #6616, #7577, #8076, #8685, #8770, #8791, #8990, #9052, #9079, #9090, #9139, #9246, #9252, #9547, #9618, #9676, #9843, #9852, #9940, #10023, #10028, #10123, #10142, #10204, #10276, #10397, #10412, #10594, #10625 and #10644.

Some more issues have been worked-on, yet without confirmed resolution, refs #5464 (for JiraToTracIntegration), #8927 and #10134.

And finally there are some issues and enhancement requests showing progress, but known to require more work to resolve them satisfactorily, refs #843, #1600, #5964, #8217, #8933.

Thanks to all contributors and followers, that enabled and encouraged a good portion of this development work.