Modify

Opened 8 years ago

Closed 5 years ago

#4677 closed defect (fixed)

[patch] Admin based chaining HtDigestStore & HtPasswdStore breaks configuration

Reported by: jerry2038 Owned by: Steffen Hoffmann
Priority: normal Component: AccountManagerPlugin
Severity: major Keywords: configuration conflict
Cc: Trac Release: 0.11

Description (last modified by Steffen Hoffmann)

I am running Trac 0.11 on Centos 5.2.

I installed AccountManagerPlugin and configured an HtDigestStore module using the file trac.htdigest. Got everything working. Playing with chaining stores together (eventual goal is HtDigest + LDAP), I enabled the HtPasswdStore and then visited /trac/admin/accounts/config to configure. I set priority of HtDigestStore to 1 and priority of HtPasswdStore to 2 and set the file for HtPasswdStore to trac.htpasswd.

Clicked on save.

Visited the filename field for HtDigestStore and it had changed from trac.htdigest to trac.htpasswd.

Now it maybe that these two modules cannot be chained. For instance, the ini file only specifies ONE password_file, not two.

If the two cannot be changed, somehow that should be indicated to the user.

Attachments (1)

20110625_acct-mgr_fx-4677.patch (1.0 KB) - added by Steffen Hoffmann 6 years ago.
allow password file configuration per file store type

Download all attachments as: .zip

Change History (8)

comment:1 Changed 7 years ago by Steffen Hoffmann

Keywords: needinfo configuration conflict added
Owner: changed from John Hampton to Steffen Hoffmann

Q: What is «AMP»?

Anyway, the request looks reasonable enough, to try to resolve it. As I haven't done much research into the concurrent AuthStore setup special case, it'll still take some time, before I get a clue myself. Patch welcome.

comment:2 Changed 7 years ago by Steffen Hoffmann

See #5550, as it could be relevant and maybe even should be implemented together with allowing «mixed» configurations as suggested here.

Changed 6 years ago by Steffen Hoffmann

allow password file configuration per file store type

comment:3 in reply to:  description Changed 6 years ago by Steffen Hoffmann

Keywords: needinfo removed
Severity: normalmajor
Status: newassigned
Summary: AMP: Admin based chaining HtDigestStore & HtPasswdStore breaks configuration[patch] Admin based chaining HtDigestStore & HtPasswdStore breaks configuration

Replying to jerry2038:

![...] Now it maybe that these two modules cannot be chained. For instance, the ini file only specifies ONE password_file, not two.

Right, so the 1st patch (aplies on top of r10371) just does the foreseeable thing: It creates two new configuration options

  • htdigest_password_file
  • htpasswd_password_file

that must be used instead. The old password_file won't show up anymore.

While not a hack, this may still be a preliminary workaround, as I'm not sure about a good design for #5550. Patches welcome.

comment:4 Changed 6 years ago by Steffen Hoffmann

(In [10396]) AccountManagerPlugin: Add separate password files for each AbstractPasswordFileStore implementation, refs #4677.

Creates two new configuration options

  • htdigest_file
  • htpasswd_file

allow setup of HtDigestStore and HtPasswdStore with separate password files for concurrent use.

Beware: If you used one of these authentication stores before, you'll need to rename password_file option to the appropriate new option name to avoid a painful DOS situation on login. Better login before upgrading and make sure to check the account config admin page after upgrade and before logging out.

comment:5 Changed 6 years ago by Steffen Hoffmann

(In [10496]) AccountManagerPlugin: Denote recent changes in message strings, refs #4677 and #8791.

The generic option password_file is now explicitly depreciated.

comment:6 Changed 5 years ago by Steffen Hoffmann

Description: modified (diff)

improved report text formatting

comment:7 Changed 5 years ago by Steffen Hoffmann

Resolution: fixed
Status: assignedclosed

(In [12398]) AccountManagerPlugin: Releasing version 0.4, pushing development to acct_mgr-0.5dev.

Availability of that code as stable release closes #874, #3459, #4677, #5295, #5691, #6616, #7577, #8076, #8685, #8770, #8791, #8990, #9052, #9079, #9090, #9139, #9246, #9252, #9547, #9618, #9676, #9843, #9852, #9940, #10023, #10028, #10123, #10142, #10204, #10276, #10397, #10412, #10594, #10625 and #10644.

Some more issues have been worked-on, yet without confirmed resolution, refs #5464 (for JiraToTracIntegration), #8927 and #10134.

And finally there are some issues and enhancement requests showing progress, but known to require more work to resolve them satisfactorily, refs #843, #1600, #5964, #8217, #8933.

Thanks to all contributors and followers, that enabled and encouraged a good portion of this development work.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Steffen Hoffmann.
The resolution will be deleted.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.