Opened 14 years ago
Closed 12 years ago
#8244 closed defect (invalid)
Disabling trac from force authenticating against Apache http auth
Reported by: | h1d | Owned by: | Steffen Hoffmann |
---|---|---|---|
Priority: | normal | Component: | AccountManagerPlugin |
Severity: | normal | Keywords: | needinfo HTTP auth |
Cc: | Trac Release: | 0.12 |
Description
I want the trac instance to be protected by apache's http auth, which only has a single user/password combination to authenticate against for multiple users yet have different account for each users to log in via this account module but even when I try to turn off the trac's default http auth via 'trac.web.auth.loginmodule = disabled' and enabling account manager plugin, the apache's basic auth still applies and I'm forced to login without having a chance to use the HTML form.
Is there a way to not let trac authenticate users via http auth at all but just rely solely on this account manager plugin?
Attachments (0)
Change History (3)
comment:1 Changed 14 years ago by
Keywords: | HTTP added; http removed |
---|
comment:2 Changed 14 years ago by
Keywords: | needinfo added |
---|
Ping. Any comments? Is this answered, your issues resolved, or something still waiting for a fix?
I'd like to see a short comment, even if you're done with it. More hints are appreciated for others with similar problems seeking a solution here later on.
comment:3 Changed 12 years ago by
Resolution: | → invalid |
---|---|
Status: | new → closed |
You can't have your "trac instance to be protected by apache's http auth" but at the same time "log in via this account module". You shouldn’t attempt to use multiple concurrent ways to login at all, whether depending on the user (choose auth method based on username - as you'd like to have it, if I understand you correctly) or in general.
Well, this is still confusing me a bit. If your difficulties prevail, please read my comments above very carefully, and only if this and running recent AcctMgr version doesn't help, re-open with more unambiguous information on the issue. Thanks for taking care and creating your report anyway.
First, thanks for your interest in using AccountManagerPlugin with your Trac. Be aware of the recent maintainer change, so not everything has been cleared and settled by now. I.e. I don't favor easy-install over downloading and packaging source manually, but the documentation still refers in a way, that could be mistaken as if I would. And all except
trunk
branch are hopelessly outdated regarding recent development. I decided to just get some work done not to get distracted by doing releases in the first place. Please read the news flash on plugin's wiki page, to better see my point.Second, I consider your request a local installation/configuration issue. Even if the wiki is not clear about this (in fact it isn't on most if not all plugins's wiki pages), we think of the ticket system as a tool for development issues and favor the mailing-list for things like your request.
Replying to h1d:
I'm quite sure, I don't understand every bit of this paragraph.
Sure, I do each day. :-) And most probably you'll see as well, that there is no defect regarding this functionality. But technically spoke AcctMgr just extends Trac's authentication (even it's very own auth.LoginModule) and embeds itself into Trac's session management. So it's more Apache vs. AcctMgr+Trac, but certainly not AcctMgr alone in that sense. However you can rely on AcctMgr to do all your user account and password management.