Enable use of multiple htpasswd files

[bjoern.riemer@…]

Hi, I have a setup with multiple htpasswd files per project. one for internal developers shared among many projects and one file per project for external developers. Is it possible to add more than one htpasswd files to the account manager. By doing so all users (intern and extern) could change their password within trac.

[Steffen Hoffmann]

Not implemented by now, and there are some major issues to be cleared before:

• To which of the htpasswd files should go new user entries? At least we'd need kind of (one) primary and (one or more) secondary files then.
• How should we handle duplicate and even conflicting entries?

While I understand you intention, I guess, the one-file solution is still a good thing. Maybe you could still limit access for external users to only one project by other means? Maybe something like realms for htdigest, but currently I don't know much about this anyway.

[Steffen Hoffmann]

Would you dare to comment to my recently raised questions here, please?

I can't make promises about an implementation right now, but it's much more likely to miss expectations without feedback from your side.

[bjoern.riemer@…]

sorry for the late answer i missed the first mail from trac.

one solution to implement this could be to specify one shared password file and one project password file. password changes should always written to the file where the password was stored before. New entires are added only by the admin in my case so he could specify to which file the new user should be added. duplicates could be a problem.. but again in my case the admin should take care of this problem. the plugin could ignore all duplicates. anther solution would to specify priorities of the password files and entries from higher priority files overwrite entries from the other files.

[Steffen Hoffmann]

Ok, thanks for your feedback.

This ensures me, that you're still interested in this feature, and a little clearer how you think it should work.

Meanwhile I've thought it over, and this is my proposal:

• stick to password_file option, but allow to optionally parse it as a list in addition to basic string content, i.e. if a comma is detected
• first list item password_file[0] will always be the «primary» file, that take precedence and will receive new entries, while I assume that it's just fine to update passwords in any file provided as authentication information resource
• behavior on duplicated entries has to be investigated and ensures to be consistent and essentially nothing special for any config case; after all even duplicated lines in one AuthStore have to be handled
• without explicit request to update a password, there shouldn't be any action like overwriting different looking passwords in different AuthStores (Due to the nature of hashed passwords you never know without checking in parallel against the valid password, if they are really different or matching but with different salt!)

We might even allow for any number of a mix of password files in htdigest and htpasswd format, but this is a different story, as we already have #4677 for that feature.

[bjoern.riemer@…]

as i use the webserver for authentication i dont know how he handles duplicate entries in the passwd files. so maybe the duplicate user cant login anymore? it would be nice if the plugin displays a warning if duplicate entries were found in the files.

[Steffen Hoffmann]

Replying to hasienda:

• stick to password_file option, but allow to optionally parse it as a list in addition to basic string content, i.e. if a comma is detected

I changed my mind while coding to resolve #4677 lately. Now I'm recommending per-store options like htpasswd_file and will dump the generic password_file altogether soon (now speaking of yet-unpublished code for next release).

We might even allow for any number of a mix of password files in htdigest and htpasswd format, but this is a different story, as we already have #4677 for that feature.

Again, concurrent files for different stores are one issue (#4677), and multiple files per store is another one.

Multiple files per store are not supported now, up to and including acct_mgr-0.3, but should be resolved for the next release. However, it'll require substantial code changes to make it happen. Suggestions and patches welcome.