Re: [Trac] Migration to AccountManagerPlugin, user can login without password

2019-06-26 Thread RjOllos


On Wednesday, June 26, 2019 at 1:36:04 AM UTC-7, Mo wrote:
>
> Most questions about the configuration and RegEx have been answered by the 
> sophisticated GUI configuration wizard.
> However the "Apply" to write the configuration does not work, it just 
> waits for refresh...
> However the output of the plain configuration is useful and I just merged 
> that into my configuration manually.
>

Is your trac.ini and the environment conf directory writable by the 
webserver? If you can save configuration from the Admin page, such as 
Logging options, then the directory and file are writable.

- Ryan


-- 
You received this message because you are subscribed to the Google Groups "Trac 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at https://groups.google.com/group/trac-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/trac-users/f7bbf00f-6e76-44cf-8094-0b749db59ca0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [Trac] Migration to AccountManagerPlugin, user can login without password

2019-06-26 Thread Mo
Most questions about the configuration and RegEx have been answered by the 
sophisticated GUI configuration wizard.
However the "Apply" to write the configuration does not work, it just waits 
for refresh...
However the output of the plain configuration is useful and I just merged 
that into my configuration manually.



Re: [Trac] Migration to AccountManagerPlugin, user can login without password

2019-06-26 Thread Mo
Even though the user was not existing anymore, it seems that some single 
user permission rules in /admin/general/perm were blocking.
So I need to remove all of them first, and recreate later.

Actually this is the correct behaviour when I think about that some rule of 
a non-existing user exists, and somebody anonymous fetches this username...

We are going to have a self-Registering phase and close that after all 
users have registered. How is that done? Just disabling the 
RegistrationModule?

Is it true, that without this plugin and using the htpasswd auth by the 
webserver, it is not possible for users to change their password? If true, 
then this plugin is required for us.

What is the meaning of all the acct_mgr.model.* modules like 
AttachmentUserIdChanger? Those are all disabled here. After enabling they 
get disabled again.

As for the /login directive in the webserver, the plugin docs say this is 
still required, is that true or just removing the complete /login section?

   # Some options like AuthType and AuthUserFile
   Require valid-user


What about

[account-manager]
email_regexp = your_regex

Is it possible to make a rule here matching the domain like this?

email_regexp = .*@company.com



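Added example, not part of the thread or of the plugin's code: it runs the `email_regexp` value asked about above over constructed addresses and compares it with an escaped, fully anchored variant. It assumes the plugin applies the pattern with Python's `re.match`; `STRICT`, `in_domain` and the sample addresses are hypothetical names and values introduced here.

```python
import re

# The pattern asked about in the post, and an escaped, fully anchored variant
# (the strict pattern is an assumption added for this example).
LOOSE = r".*@company.com"
STRICT = r"(?i)^[a-z0-9._%+-]+@company\.com\Z"

# Constructed sample addresses: the first two are inside the intended domain.
SAMPLES = [
    "alice@company.com",
    "Alice.Smith@Company.COM",
    "alice@companyXcom",              # unescaped "." matches any character
    "alice@company.com.example.org",  # nothing anchors the end of the match
    "eve@example.org@company.com",    # ".*" swallows a second "@"
    "alice@company.com\n",            # trailing newline, rejected only by \Z
]

def accepted(pattern, address):
    # Assumption: the plugin tests the address with re.match(), which anchors
    # at the start of the string only.
    return re.match(pattern, address) is not None

def in_domain(address, domain="company.com"):
    # Reference check without regular expressions: exactly one "@", a
    # non-empty local part, and an exact case-insensitive domain match.
    local, sep, host = address.partition("@")
    return bool(local) and sep == "@" and "@" not in host and host.lower() == domain

def wrongly_accepted(pattern, samples=SAMPLES):
    """Addresses the pattern accepts although they are outside the domain."""
    return [a for a in samples if accepted(pattern, a) and not in_domain(a)]

if __name__ == "__main__":
    for name, pat in (("loose", LOOSE), ("strict", STRICT)):
        print(name, wrongly_accepted(pat))
```
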


Re: [Trac] Migration to AccountManagerPlugin, user can login without password

2019-06-25 Thread Mo
On Tuesday, June 25, 2019 at 20:22:09 UTC+2, RjOllos wrote:
>
>
> On Tue, Jun 25, 2019 at 10:44 AM Mo wrote:
>
>> Hi, we migrated from Trac 1.2 to 1.2.3. We also switched from webserver 
>> htpasswd to AccountManagerPlugin using htdigest.
>>
>
> Did you remove the handler (Location directive) for /login in your web 
> server configuration? If not, the web server will intercept and route the 
> request.
>

That solved it, thanks.


> Please share your [account-manager] section from trac.ini
>

[account-manager]
allow_delete_account = disabled
htdigest_file = /mnt/data/trac/projects/trac/trac.htdigest
htdigest_realm = trac
login_attempt_max_count = 3
password_store = HtDigestStore
persistent_sessions = enabled
reset_password = enabled
user_lock_time = 30

However, self registration is not possible. For instance, I did trac-admin 
... session delete ThisUser.
Then we try to register ThisUser, and Trac says the user already exists:

Warning: Another account or group already exists, who's name differs from 
ThisUser only by case or is identical. 

I try to filter the relevant log lines:

Trac[main] DEBUG: Dispatching
Trac[main] DEBUG: Chosen handler is
Trac[session] DEBUG: Retrieving session for ID '731b3375eb2b2e1ea2a15538'
Trac[chrome] DEBUG: Prepare chrome data for request
Trac[perm] DEBUG: No policy allowed anonymous performing DISCUSSION_VIEW on None
Trac[perm] DEBUG: No policy allowed anonymous performing XML_RPC on None
Trac[perm] DEBUG: No policy allowed anonymous performing ROADMAP_VIEW on None
Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_VIEW on
Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_CREATE on None
Trac[perm] DEBUG: No policy allowed anonymous performing SEARCH_VIEW on None
Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_VIEW on None
Trac[perm] DEBUG: No policy allowed anonymous performing DISCUSSION_ADMIN on None
Trac[perm] DEBUG: No policy allowed anonymous performing ACCTMGR_CONFIG_ADMIN on None
Trac[perm] DEBUG: No policy allowed anonymous performing ACCTMGR_USER_ADMIN on None
Trac[perm] DEBUG: No policy allowed anonymous performing VERSIONCONTROL_ADMIN on
Trac[perm] DEBUG: No policy allowed anonymous performing PROJECT_SETTINGS_VIEW on
Trac[perm] DEBUG: No policy allowed anonymous performing TRAC_ADMIN on
Trac[perm] DEBUG: No policy allowed anonymous performing TRAC_ADMIN on
Trac[perm] DEBUG: No policy allowed anonymous performing PERMISSION_GRANT on
Trac[perm] DEBUG: No policy allowed anonymous performing PERMISSION_REVOKE on
Trac[perm] DEBUG: No policy allowed anonymous performing TRAC_ADMIN on
Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_ADMIN on
Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_ADMIN on
Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_ADMIN on
Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_ADMIN on
Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_ADMIN on
Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_ADMIN on
Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_ADMIN on
Trac[perm] DEBUG: No policy allowed anonymous performing BLOG_ADMIN on
Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_ADMIN on None
Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_ADMIN on
Trac[perm] DEBUG: No policy allowed anonymous performing REPORT_VIEW on
Trac[perm] DEBUG: No policy allowed anonymous performing TIMELINE_VIEW on
Trac[perm] DEBUG: No policy allowed anonymous performing WIKI_VIEW on
Trac[perm] DEBUG: No policy allowed anonymous performing WIKI_VIEW on
Trac[perm] DEBUG: No policy allowed anonymous performing BLOG_VIEW on
Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_VIEW_HOURS on None
Trac[perm] DEBUG: No policy allowed anonymous performing QUIET_MODE on None
Trac[main] DEBUG: Rendering response from handler
Trac[perm] DEBUG: No policy allowed anonymous performing EMAIL_VIEW on None
Trac[XMailEMailModule] DEBUG: +++ init EMailEventHandler
Trac[main] DEBUG: Dispatching
Trac[main] DEBUG: Chosen handler is
Trac[session] DEBUG: Retrieving session for ID '731b3375eb2b2e1ea2a15538'



Re: [Trac] Migration to AccountManagerPlugin, user can login without password

2019-06-25 Thread Ryan Ollos
On Tue, Jun 25, 2019 at 10:44 AM Mo wrote:

> Hi, we migrated from Trac 1.2 to 1.2.3. We also switched from webserver
> htpasswd to AccountManagerPlugin using htdigest.
>

Did you remove the handler (Location directive) for /login in your web
server configuration? If not, the web server will intercept and route the
request.


> The reason was I would like to make it possible for people to self
> register.
> Then before it was not possible for people to set their own password.
> As far as I know this all is only possible with the AccountManagerPlugin.
>
> This all works fine. The admin/accounts/users are empty and I like to make
> all register themselves.
>
> Now I see a weird issue. One user with its browser session is still able to
> login. After logout and login he is logged in without password. I can't
> reproduce this with an empty browser profile.
> After he logged in, I see in trac-admin project session list:
>
> SID:TheUser
> Auth:1
> Last Visit:
> All the rest is empty.
>
> After deleting this session the user can still login. There is no entry
> about that user in the htdigest file that is configured with htdigest_file.
> How can that be? I like all users to re-register, but after testing with
> one user it seems that all can login without password.
>
> Best regards
>


Please share your [account-manager] section from trac.ini

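Added example, not part of the thread: one way to look for the leftover /login handler asked about above, by scanning web server configuration text for `Location` blocks on a path ending in /login that still carry authentication directives. The sample configuration is constructed (its paths are placeholders), and `login_auth_blocks` is a hypothetical helper name.

```python
import re

# Constructed sample: Apache configuration left over from a web-server
# authentication setup (paths and names are placeholders, not from the thread).
SAMPLE_CONF = """\
<Location /trac>
    WSGIApplicationGroup %{GLOBAL}
    Require all granted
</Location>
# Left over from the htpasswd setup:
<Location /trac/login>
    AuthType Basic
    AuthName "trac"
    AuthUserFile /path/to/trac.htpasswd
    Require valid-user
</Location>
"""

OPEN = re.compile(r'^\s*<Location(?:Match)?\s+"?([^">]+)"?\s*>', re.I)
CLOSE = re.compile(r'^\s*</Location(?:Match)?\s*>', re.I)
AUTH = re.compile(r'^\s*(AuthType|AuthName|AuthUserFile|Require\s+valid-user)\b', re.I)

def login_auth_blocks(conf_text):
    """Return Location blocks for .../login that carry web-server auth directives."""
    findings, current = [], None
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # skip comment lines
        opened = OPEN.match(line)
        if opened:
            current = {"path": opened.group(1).strip(), "line": lineno, "auth": []}
        elif CLOSE.match(line):
            # Report only blocks on a /login path that contain auth directives.
            if current and current["auth"] and current["path"].rstrip("$/").endswith("/login"):
                findings.append(current)
            current = None
        elif current is not None and AUTH.match(line):
            current["auth"].append(line.strip())
    return findings

if __name__ == "__main__":
    for block in login_auth_blocks(SAMPLE_CONF):
        print("line %d: %s still handled by the web server: %s"
              % (block["line"], block["path"], ", ".join(block["auth"])))
```
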


[Trac] Migration to AccountManagerPlugin, user can login without password

2019-06-25 Thread Mo
Hi, we migrated from Trac 1.2 to 1.2.3. We also switched from webserver 
htpasswd to AccountManagerPlugin using htdigest.

The reason was I would like to make it possible for people to self register.
Then before it was not possible for people to set their own password.
As far as I know this all is only possible with the AccountManagerPlugin.

This all works fine. The admin/accounts/users are empty and I like to make 
all register themselves.

Now I see a weird issue. One user with its browser session is still able to 
login. After logout and login he is logged in without password. I can't 
reproduce this with an empty browser profile.
After he logged in, I see in trac-admin project session list:

SID:TheUser
Auth:1
Last Visit:
All the rest is empty.

After deleting this session the user can still login. There is no entry 
about that user in the htdigest file that is configured with htdigest_file.
How can that be? I like all users to re-register, but after testing with 
one user it seems that all can login without password.

Best regards
