Opened 8 years ago

Closed 6 years ago

#6508 closed defect (fixed)

UserExtensiblePermissionStore error

Reported by: anonymous Owned by: John Hampton
Priority: highest Component: DirectoryAuthPlugin
Severity: critical Keywords:
Cc: zhijiex@… Trac Release: 0.11


I installed AccountManagerPlugin, LdapPlugin at trac 0.11.6. I can successfully to login Trac by AD's user and Passwd. But user store has no user info. So I installed ActiveDirectoryAuthPlugin and got a error: AttributeError: Cannot find an implementation of the "IPermissionStore" interface named "UserExtensiblePermissionStore". Please update the option trac.permission_store in trac.ini.

If I remove UserExtensiblePermissionStore from trac.ini there is no such mistake. But i can not find ActiveDirectoryAuthPlugin info from trac plugins. What should I fill in [components]

of trac.ini?

Attachments (0)

Change History (3)

comment:1 Changed 8 years ago by Christophe Drevet

I have the same error.

I'm digging into this plugin code to be able to use the UserExtensiblePermissionStore.

Since your post is 9 months old, I'm not sure if you still care about. Anyway, I managed to make it work without UserExtensiblePermissionStore (and then, without admin_group.)

Here is the content of my trac.ini :

# -*- coding: utf-8 -*-

# Active Directory connection informations
ad_server = xxxxxxxxxxxxxxxx:3268
base_dn = DC=xxxx,DC=xxxx,DC=xxxx
bind_dn = xxxxxxxxxxxxxxxxxx@xxxx.xxxx.xxxx
bind_passwd = xxxxxxxxxxxxxxxxxxxxx
# Enable use of the AD plugin into account manager
password_store = ADAuthStore
# Group containing all authorized users
auth_group = CN=xxxxx,OU=xxxx,DC=xxxx,DC=xxxx,DC=xxxx

# disable HTTP authentication
trac.web.auth.loginmodule = disabled
# enable accountmanager
acct_mgr.api.accountmanager = enabled
acct_mgr.web_ui.loginmodule = enabled
# enable ActiveDirectoryAuthPlugin
tracext.adauth.auth.adauthstore = enabled

# liste déroulante d'utilisateurs pour l'affectation de tickets
restrict_owner = true

comment:2 Changed 8 years ago by John Hampton

Status: newassigned

OK, not entirely sure that I follow the discussion here.

To use the UserExtensiblePermissionStore, you simple enable adauth:

tracext.adauth.* = enabled

and then you set the permission_store to UserExtensiblePermissionStore:

permission_store = UserExtensiblePermissionStore

you will also want to specify an AD group that you want to have admin access:

admin_group = cn=TracAdmins,ou=Groups,dc=Example,dc=org

This the answer you're looking for?

comment:3 Changed 6 years ago by branson

Resolution: fixed
Status: assignedclosed

assume resolved .. no feedback.

Modify Ticket

Change Properties
Set your email in Preferences
as closed The owner will remain John Hampton.
The resolution will be deleted.

Add Comment

E-mail address and name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.