Opened 14 years ago
Closed 13 years ago
#8718 closed defect (invalid)
Logout when clicking on report
| Reported by: | anonymous | Owned by: | Steffen Hoffmann |
|---|---|---|---|
| Priority: | normal | Component: | AccountManagerPlugin |
| Severity: | critical | Keywords: | non-persistent session |
| Cc: | | Trac Release: | 0.12 |
Description
When clicking on "View tickets" I am getting logged out, when I click on another menu, I am logged in again. Other menus, like roadmap, wiki, etc. are working fine.
An error is shown that I haven't sufficient rights (REPORT_VIEW), but the user has REPORT_ADMIN!
I activated the LoginModule, but disabled RegistrationModule and EmailVerificationModule.
System Information

| Package | Version |
|---|---|
| Trac | 0.12.2 |
| Babel | 0.9.6 |
| Genshi | 0.6 |
| mod_wsgi | 2.8 (WSGIProcessGroup WSGIApplicationGroup %{GLOBAL}) |
| psycopg2 | 2.0.13 |
| Python | 2.6.5 (r265:79063, Apr 16 2010, 14:15:55) [GCC 4.4.3] |
| setuptools | 0.6c11 |
| Subversion | 1.6.6 (r40053) |
| jQuery | 1.4.2 |
Attachments (0)
Change History (5)
comment:1 follow-up: 2 Changed 14 years ago by
Keywords: | non-persistent session added |
---|
comment:2 Changed 14 years ago by
Replying to hasienda:
> You can customize these mainnav items to point to arbitrary targets. Look into your `trac.ini` and tell me the exact (relative) Trac link that is called, please.

the link is: report

the mainnav and metanav entries in `trac.ini` are as follows:

```ini
[trac]
mainnav = wiki,timeline,roadmap,browser,tickets,newticket
metanav = login,logout,prefs,help,search,about
```

> So you've never been logged out in the first place. Still this is a permission (cache) inconsistency, but how come you think AccountManagerPlugin is the root cause?

When setting apache2-authentication as described in the Trac 0.12 wiki under TracCgi#AddingAuthentication it works fine:

```apache
<Location "/trac/login">
    AuthType Basic
    AuthName "Trac"
    AuthUserFile /somewhere/trac.htpasswd
    Require valid-user
</Location>
```

> Well, that's just the PermissionSystem feedback. As questioned before, it depends on the exact target in your environment (is it really '/report'?) and if possibly some other stuff is tampering with the `req.perm` object.

I have some other self-made plugins at this instance of Trac, but none of them are scoping with report-view and they are just doing the usual checks with req.perm:

```python
if 'TICKET_MODIFY' in req.perm(tkt.resource):
    [...]

if ticket and ticket.exists and \
        'TICKET_CREATE' in req.perm(ticket.resource):
    [...]

if req.perm.has_permission('TRAC_ADMIN') or req.perm.has_permission("CONTROLLER_ADMIN"):
    [...]
```
Just for clarity, how you can reproduce the error (at least at my installation):

pre-requires (just to be sure, no flaws are left from some older sessions):

```sql
delete from session;
delete from session_attribute;
```
- login via HTML form
- click on "View tickets" (links to $PROJECT_ENV/report) or "Browse Source" (links to $PROJECT_ENV/browser)
- logout (correct error will be shown, because anonymous has no rights for this view)
- login with same user via HTML form
- Same error as with user anonymous will occur at views (links to $PROJECT_ENV/report) or "Browse Source" (links to $PROJECT_ENV/browser) and no user is displayed in metanav !!! The user can never view the view again at which he logged out previously (can be more than one!)
The user has the following rights:

```
LOGIN_USER     devel
devel          REPORT_ADMIN
devel          project        # project is another group with rights as TICKET_CREATE and such
authenticated  REPORT_VIEW
```
comment:3 Changed 14 years ago by
forgot to say that I am using version 0.3dev-r9929 of TracAccountManager
comment:4 Changed 14 years ago by
might be a bug in Trac itself, see http://trac.edgewall.org/ticket/10148
comment:5 Changed 13 years ago by
Resolution: | → invalid |
---|---|
Status: | new → closed |
So it turned out to be no real logout, just a 'ghost' invalid page from a cache, so it's not a plugin issue either.
rblank at Trac ticket #10148:
> Ok, definitely a caching issue at the proxy, then. Nothing we can do in Trac, I'm afraid, except if setting some headers differently would improve the situation (and no, removing caching altogether is not an option).
Sorry, seems like we can't really do something good regarding the insane action with caching involved.
Replying to anonymous:
You can customize these mainnav items to point to arbitrary targets. Look into your `trac.ini` and tell me the exact (relative) Trac link that is called, please.

So you've never been logged out in the first place. Still this is a permission (cache) inconsistency, but how come you think AccountManagerPlugin is the root cause?

Well, that's just the PermissionSystem feedback. As questioned before, it depends on the exact target in your environment (is it really '/report'?) and if possibly some other stuff is tampering with the `req.perm` object.
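
Added example, not part of the ticket and not Trac or AccountManagerPlugin code: the resolution in comment:5 blames a caching proxy and mentions response headers. The sketch below applies a simplified reading of the HTTP caching rules (RFC 9111) to constructed header sets and reports which of them let a shared cache hand a page stored for one session to another. `trac_auth` is Trac's login cookie name; the cookie and credential values are placeholders, and the function and sample names are hypothetical.

```python
# Added example, not Trac or AccountManagerPlugin code. Simplified reading of
# RFC 9111 storage/reuse rules; all header values are constructed samples.

def parse_directives(value):
    """Parse a Cache-Control value into {lower-cased name: argument or None}."""
    directives = {}
    for part in (value or "").split(","):
        name, _, arg = part.strip().partition("=")
        if name:
            directives[name.lower()] = arg.strip('"') or None
    return directives


def cross_session_reuse(request_headers, response_headers):
    """Return (allowed, reason): may a shared cache serve this stored response
    to a request from a different session without contacting the origin?"""
    req = {k.lower(): v for k, v in request_headers.items()}
    resp = {k.lower(): v for k, v in response_headers.items()}
    cc = parse_directives(resp.get("cache-control"))
    vary = {v.strip().lower() for v in resp.get("vary", "").split(",") if v.strip()}
    shared_ok = {"public", "s-maxage", "must-revalidate"}

    if "no-store" in cc:
        return False, "no-store: must not be stored at all"
    if "private" in cc:
        return False, "private: a shared cache must not store it"
    if "authorization" in req and shared_ok.isdisjoint(cc):
        return False, "Authorization request without public/s-maxage/must-revalidate"
    if "*" in vary:
        return False, "Vary: * never matches a later request"
    if "cookie" in vary:
        return False, "Vary: Cookie: reusable only for an identical Cookie header"
    if "no-cache" in cc:
        return False, "no-cache: must be revalidated with the origin first"
    return True, "nothing in the headers prevents reuse for another session"


# Constructed request/response pairs for a cookie- or Basic-authenticated page.
COOKIE = {"Cookie": "trac_auth=CONSTRUCTED"}
SAMPLES = {
    "no cache headers": (COOKIE, {"Content-Type": "text/html"}),
    "public max-age": (COOKIE, {"Cache-Control": "public, max-age=300"}),
    "private": (COOKIE, {"Cache-Control": "private, max-age=300"}),
    "vary cookie": (COOKIE, {"Cache-Control": "max-age=300", "Vary": "Accept-Language, Cookie"}),
    "basic auth": ({"Authorization": "Basic CONSTRUCTED"}, {"Cache-Control": "max-age=300"}),
}

if __name__ == "__main__":
    for name, (req, resp) in SAMPLES.items():
        allowed, reason = cross_session_reuse(req, resp)
        print(f"{name:18} reuse={allowed!s:5} {reason}")
```

The "basic auth" sample is refused because shared caches do not store responses to requests carrying an `Authorization` header unless the response explicitly allows it, whereas a cookie-authenticated response needs `private`, `no-store` or `Vary: Cookie` to get the same isolation.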