Changes between Version 21 and Version 22 of AccountManagerPlugin/AuthStores
- Timestamp:
- Jan 9, 2012, 6:38:35 PM (12 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
AccountManagerPlugin/AuthStores
v21 v22 82 82 Used to delegate authentication to the web server. This allows access to be restricted based on LDAP, a password file, etc, or some combination of them. 83 83 84 Note: If you are using the WSGI Apache interpreter instead of mod_python (pretty much required if using RHEL6), it is difficult to get !HttpAuthStore to work with versions prior to acct_mgr-0.4. Upgrading is recommended. 85 84 86 Note: This password store does not support listing/adding/removing users or changing passwords. 85 87 … … 91 93 [account-manager] 92 94 ; configure the plugin to use a page that is secured with http authentication 93 authentication_url = http://hostname/trac/authFile95 authentication_url = /authFile 94 96 password_store = HttpAuthStore 95 97 }}} 98 Note: Only absolute URLs are supported in acct_mgr-0.3. 96 99 97 100 This will generally be matched with an Apache config like: 98 101 {{{ 99 <Location / trac/authFile>102 <Location /authFile> 100 103 …HTTP authentication configuration… 101 104 Require valid-user … … 106 109 [account-manager] 107 110 ; configure the plugin to use a page that is secured with http authentication 108 authentication_url = http://hostname/trac/project1/authFile111 authentication_url = /project1/authFile 109 112 password_store = HttpAuthStore 110 113 }}} 114 Note: Only absolute URLs are supported in acct_mgr-0.3. 111 115 112 116 This could then be matched with an Apache config like: 113 117 {{{ 114 <LocationMatch ^/ trac/[^/]+/authFile$>118 <LocationMatch ^/[^/]+/authFile$> 115 119 …HTTP authentication configuration… 116 120 Require valid-user 117 121 </Location> 118 122 }}} 119 Note that '''authFile''' must exist, and be a file (not directory) that can be accessed via ''authentication_url''. 120 121 '''IMPORTANT:''' Be sure to test your configuration by attempting a login with a valid user and '''invalid''' password to ensure that your Apache <Location> or <!LocationMatch> section is getting executed. If it is not, you will be able to log in with an invalid password. 123 Note that, new with acct_mgr-0.4, '''authFile''' no longer needs to actually exist, nor be a file (not directory) that can be accessed via ''authentication_url''. 124 125 '''IMPORTANT:''' Be sure to test your configuration by attempting a login with a valid user, and both a valid and '''invalid''' password to ensure that your Apache <Location> or <!LocationMatch> section is getting executed. If it is not, you will be able to log in with an invalid password. 126 127 Note: If you are having trouble getting !HttpAuthStore to work, enable DEBUG-level logging, and check for HttpAuthStore messages in your project's Trac log file. 122 128 123 129 == !SessionStore ==