Changes between Version 91 and Version 92 of AccountManagerPlugin


Ignore:
Timestamp:
Oct 9, 2010, 9:05:10 PM (13 years ago)
Author:
Steffen Hoffmann
Comment:

AuthStore content moved out to dedicated page, minor editorial changes

Legend:

Unmodified
Added
Removed
Modified
  • AccountManagerPlugin

    v91 v92  
    2424== Bugs/Feature Requests ==
    2525
    26 Existing bugs and feature requests for AccountManagerPlugin are
    27 [query:?status=new&status=assigned&status=reopened&group=&component=AccountManagerPlugin&order=priority here].
    28 
    29 If you have any issues, create a
    30 [http://trac-hacks.org/newticket?component=AccountManagerPlugin&owner=hasienda new ticket].
     26Existing bugs and feature requests for !AccountManagerPlugin are available from Trac-Hacks
     27[query:?status!=closed&group=&component=AccountManagerPlugin&order=priority ticket system].
     28
     29If you have any issues that is not found in [query:?component=AccountManagerPlugin&order=priority existing tickets], create a
     30[http://trac-hacks.org/newticket?component=AccountManagerPlugin&owner=hasienda new ticket], please.
    3131
    3232== Install ==
     
    7979 * [download:accountmanagerplugin/0.9 0.9]
    8080 * [download:accountmanagerplugin/0.10 0.10]
    81  * [download:accountmanagerplugin/0.11 0.11] (doesn't currently work with 0.11.4, see #4125)
     81 * [download:accountmanagerplugin/0.11 0.11]
    8282 * [download:accountmanagerplugin/trunk trunk]
    8383
     
    106106
    107107This is the core of this plugin.  This component ''must'' be enabled to use any of the other components.
    108 
    109 === !HtDigestStore ===
    110  '''Package''':: acct_mgr.htfile
    111 
    112 Used to store passwords in the htdigest file format.
    113 
    114 {{{
    115 #!div class="important"
    116 '''Warning:''' This password method may not work with [t:TracModPython mod_python] due to a  bug using Python’s md5 module under mod_python (''"it has been reported that mod_python has trouble returning good MD5 strings. It has been speculated that this is because many apache mods are using the same md5 source (php and so forth), but this is not confirmed"'').  If you experience problems try [t:TracFastCgi FastCGI], [t:wiki:TracModWSGI mod_wsgi], or [t:TracStandalone tracd].
    117 }}}
    118 
    119 To use this component to manage your password file you need to enable it as described above and add some additional configuration to [trac:TracIni trac.ini]:
    120 
    121 {{{
    122 [components]
    123 ; be sure to enable the component
    124 acct_mgr.htfile.HtDigestStore = enabled
    125 
    126 [account-manager]
    127 ; configure the plugin to store passwords in the htdigest format:
    128 password_store = HtDigestStore
    129 ; with Trac < 0.10 use this instead:
    130 password_format = htdigest
    131 
    132 ; the file where user accounts are stored
    133 ; the webserver will need write permissions to this file
    134 ; and its parent folder
    135 password_file = /var/trac/trac.htdigest
    136 
    137 ; the name of the authentication “realm”
    138 ; it can be any text to identify your site or project
    139 htdigest_realm = TracRealm
    140 }}}
    141 
    142 === !HtPasswdStore ===
    143  '''Package''':: acct_mgr.htfile
    144 
    145 Used to store passwords in the htpasswd file format.
    146 
    147 {{{
    148 #!div class="important"
    149 '''Warning:''' This password method may not work with [t:TracModPython mod_python] due to a [http://tjulo.blogspot.com/2007/03/problems-with-md5-and-modpython.html bug using Python’s md5 module under mod_python].  If you experience problems try [t:TracFastCgi FastCGI], [t:wiki:TracModWSGI mod_wsgi], or [t:TracStandalone tracd].
    150 }}}
    151 
    152 To use this component to manage your password file you need to enable it as described above and add some additional configuration to [trac:TracIni trac.ini]:
    153 
    154 {{{
    155 [components]
    156 ; be sure to enable the component
    157 acct_mgr.htfile.HtPasswdStore = enabled
    158 
    159 [account-manager]
    160 ; configure the plugin to store passwords in the htpasswd format:
    161 password_store = HtPasswdStore
    162 ; with Trac < 0.10 use this instead:
    163 password_format = htpasswd
    164 
    165 ; the file where user accounts are stored
    166 ; the webserver will need write permissions to this file
    167 ; and its parent folder
    168 password_file = /var/trac/trac.htpasswd
    169 }}}
    170 
    171 === !HttpAuthStore ===
    172  '''Package''':: acct_mgr.http
    173 
    174 '''Note:''' This component requires Trac 0.10 or later
    175 
    176 Used to delegate authentication to the web server.  This allows access to be restricted based on LDAP, a password file, etc, or some combination of them.
    177 
    178 Note: This password store does not support listing/adding/removing users or changing passwords.
    179 
    180 {{{
    181 [components]
    182 ; be sure to enable the component
    183 acct_mgr.http.HttpAuthStore = enabled
    184 
    185 [account-manager]
    186 ; configure the plugin to use a page that is secured with http authentication
    187 authentication_url = http://hostname/path
    188 password_store = HttpAuthStore
    189 }}}
    190 
    191 This will generally be matched with an Apache config like:
    192 {{{
    193 <Directory /var/www/html/path>
    194    …HTTP authentication configuration…
    195    Require valid-user
    196 </Directory>
    197 }}}
    198 
    199 
    200 === LDAP ===
    201  Check [http://trac-hacks.org/ticket/1147 LDAPAuthStore] and LdapAuthStorePlugin regarding how to link LdapPlugin to AccountManagerPlugin.
    202 
    203  #1600 seems related also
    204 
    205 === !SessionStore ===
    206  '''Package''':: acct_mgr.db
    207 
    208 Stores password information in the trac database. This may give better behaviour if you have large numbers of users and are finding errors due to write contention on the password file. You must enable one or other of the hash method components. !HtDigestHashMethod is the default.
    209 
    210 {{{
    211 [components]
    212 ; be sure to enable the component
    213 acct_mgr.db.SessionStore = enabled
    214 ; choose one of the hash methods
    215 acct_mgr.pwhash.htdigesthashmethod = enabled
    216 acct_mgr.pwhash.htpasswdhashmethod = enabled
    217 trac.web.auth.loginmodule = disabled #this is important, otherwise login does not work. ref: http://www.gossamer-threads.com/lists/trac/users/41969
    218 
    219 [account-manager]
    220 password_store = SessionStore
    221 ; choose one of the hash methods
    222 hash_method = HtDigestHashMethod
    223 hash_method = HtPasswdHashMethod
    224 
    225 }}}
    226 
    227 For more information see:
    228   http://www.mailinglistarchive.com/trac-users@googlegroups.com/msg03696.html
    229 
    230 For sample configuration settings see  [wiki:SessionStoreSampleSettings sample-settings]
    231 === !SvnServePasswordStore ===
    232  '''Package''':: acct_mgr.svnserve
    233 
    234 Allows Trac to use SVN users (may be in addition to Trac users). SVN server configuration option should be "svnserve". For more information, read chapter 6 of [http://svnbook.red-bean.com/ SVN book].
    235 
    236 {{{
    237 [components]
    238 ; be sure to enable the component
    239 acct_mgr.svnserve.* = enabled
    240 acct_mgr.svnserve.svnservepasswordstore = enabled
    241 ; choose one of the hash methods
    242 acct_mgr.pwhash.htdigesthashmethod = enabled
    243 acct_mgr.pwhash.htpasswdhashmethod = enabled
    244 
    245 [account-manager]
    246 password_store = SvnServePasswordStore
    247 password_file = /path/to/svn/repos/conf/passwd
    248 ; choose one of the hash methods
    249 hash_method = HtDigestHashMethod
    250 hash_method = HtPasswdHashMethod
    251 }}}
    252 
    253 NB : `password_file` points to a file which defines users/passwords this way : `user = password`
    254108
    255109=== !AccountManagerAdminPage ===