Changes between Version 26 and Version 27 of CookBook/AccountManagerPluginConfiguration
- Timestamp:
- Mar 28, 2023, 8:55:56 PM (12 months ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
CookBook/AccountManagerPluginConfiguration
v26 v27 11 11 '''General hints:''' 12 12 * Content for different section grouped in one example must be used together. 13 * Option names are written in !CamelCase style notation , but will get (re-)written all-lowercase, if added/updated via the Trac admin web-UI. As you see, case doesn't really matter here.14 15 == Basic configuration /Kickstart16 17 !AccountManagerPlugin replaces the traditional Trac login feature with a webform, because [wiki:AccountManagerPlugin/Modules#LoginModule LoginModule] is enabled in all examples below.13 * Option names are written in !CamelCase style notation in this !CookBook, but will get (re-)written to lowercase under the hood once added/updated via the Trac admin web user interface. 14 15 == Basic configuration 16 17 The !AccountManagerPlugin replaces the traditional Trac login feature with a webform, because [wiki:AccountManagerPlugin/Modules#LoginModule LoginModule] is enabled in all examples below. 18 18 19 19 === !HtPasswdStore … … 113 113 === Create users 114 114 115 Create the first user through browser-based registration enabled by following additional lines in `components` section of `trac.ini`:115 Create the first user through browser-based registration enabled by following additional lines in the `components` section of `trac.ini`: 116 116 {{{#!cfg 117 117 [components] … … 127 127 Or just use the plugins admin page form Trac's web interface, after you've given admin privileges to the first user you created. 128 128 129 === Awardan existing user account for Trac admin129 === Grant an existing user account for Trac admin 130 130 131 131 {{{#!sh … … 184 184 }}} 185 185 186 If you made this change to an existing setup ,and encounter login problems afterwards, check the cookies stored in your browser. If it holds any `trac_auth` cookies with a path other than the one defined by `auth_cookie_path`, you might have to remove those as they might conflict.187 188 Hint: Even if this setting has been introduced in Trac 0.12, it could be set in `trac.ini` for older Trac versions, and !AcctMgr will use it, specifically providing a cookie path fix-up for `trac_auth` cookies generated by Trac 0.11 and above.186 If you made this change to an existing setup and encounter login problems afterwards, check the cookies stored in your browser. If it holds any `trac_auth` cookies with a path other than the one defined by `auth_cookie_path`, you might have to remove those as they might conflict. 187 188 '''Note''': Even if this setting has been introduced in Trac 0.12, it could be set in `trac.ini` for older Trac versions, and !AcctMgr will use it, specifically providing a cookie path fix-up for `trac_auth` cookies generated by Trac 0.11 and above. 189 189 190 190 An inherited `trac.ini` file is perfect for sharing this common setting and more between several Trac environments. Additionally delete existing `trac_auth` browser cookies. This is a one-time cleanup and only necessary to avoid unexpected login results after a cookie path changes. Of course logging out in one Trac environment will terminate the authenticated session for all participants sharing authentication as indicated by the equal cookie path setting. A mixed setup containing both authentication sharing and non-sharing environments side-by-side is valid and works well. … … 223 223 ==== Fixed login retry delay 224 224 225 Fixed delay time regardless of number of successive failed login attempts 225 Fixed delay time regardless of number of successive failed login attempts. 226 226 227 227 {{{#!cfg … … 247 247 * timed account locked release after a time, that depends on failed login attempt history like so: 248 248 249 Tab. 1: lock time progression (factor 2) 249 '''Table 1''': lock time progression with factor 2: 250 250 ||attempt count ||delay time in seconds ^![1]^|| 251 251 ||0 ||0 … … 265 265 ||26 ||1 a 23 d || 266 266 ||.. ||.. || 267 267 268 ^![1]^ time after previous failed login attempt 268 269 … … 280 281 * timed account locked release after a time, that depends on failed login attempt history and is limited to max. 24 hours like so: 281 282 282 Tab. 2: lock time progression (factor 5) 283 '''Table 2''': lock time progression with factor 5: 283 284 ||attempt count ||delay time in seconds || 284 285 ||0 ||0 ||