multiple separate projects single Trac install
42 views
Skip to first unread message
William Chappell
Nov 2, 2016, 2:28:30 PM11/2/16
to Trac Users
I am successfully running multiple independent projects (environments) using Ubuntu 16.04, apache2, and Trac 1.0.13, using mod_python, Virtual Hosts, and separate htpasswd files.
What does not work for me is to use TracAccountManager to allow users to change their own passwords. The best that I could get is that the first project I enabled has full function and I must totally excise all reference to and the egg for TracAccountManager from the other projects and specifically enable the loginmodule in those other projects to even allow logins. However, I cannot edit and save pages in those other projects.
When I move TracAccountManager to a different project, then I cannot edit and save pages in the first project, only in the project with access to TracAccountManager, _but_ the Account tab does not show up in the second project under Preferences.
I have looked but cannot find an alternative to TracAccountManager, because I see other people have had trouble with multiple projects even using a TracEnvParentDir, which is not an option for me.
Thanks.
What does not work for me is to use TracAccountManager to allow users to change their own passwords. The best that I could get is that the first project I enabled has full function and I must totally excise all reference to and the egg for TracAccountManager from the other projects and specifically enable the loginmodule in those other projects to even allow logins. However, I cannot edit and save pages in those other projects.
When I move TracAccountManager to a different project, then I cannot edit and save pages in the first project, only in the project with access to TracAccountManager, _but_ the Account tab does not show up in the second project under Preferences.
I have looked but cannot find an alternative to TracAccountManager, because I see other people have had trouble with multiple projects even using a TracEnvParentDir, which is not an option for me.
Thanks.
Geert Linders
Nov 11, 2016, 5:41:07 PM11/11/16
to Trac Users
Hi William,
Trac has support for LDAP.
We used the account manager before, but switched to LDAP so people only have to change their password in one location and we can uniquely identify each user based on their LDAP account.
Cheers - Geert
Trac has support for LDAP.
We used the account manager before, but switched to LDAP so people only have to change their password in one location and we can uniquely identify each user based on their LDAP account.
Cheers - Geert
William Chappell
Nov 11, 2016, 6:34:57 PM11/11/16
to Trac Users
Thanks, Geert.
I found a simple way forward by moving outside of Trac to Apache, since the authentication method I am using actually belongs to Apache.
The starting point is here http://www.perlmonks.org/?node_id=178482.
Many thanks to greenFox.
I made 3 modifications. First, I changed the value of my %settings (htpasswd) to the specific name of the project's password file.
Second, instead of using
Third, I was able to make the CGI textfield not "sticky" without putting debris into the user_id textfield by adding "-override => 1" to the "old_passwd" cgi->password_field and changing the -value => '' (meaning empty string) to 'Password', which means that the user_id and old_passwd are cleared every time the form is displayed to the user. Someone using that PC and browser later is not rewarded with any information from the last use of the form.
Other than enabling CGI, all I had to do was download and install Crypt-PasswdMD5 and Apache-Htpasswd.
I do not normally program in Perl, but I was able to look up everything and get this working in an afternoon.
Hope this helps someone else.
Bill
I found a simple way forward by moving outside of Trac to Apache, since the authentication method I am using actually belongs to Apache.
The starting point is here http://www.perlmonks.org/?node_id=178482.
Many thanks to greenFox.
I made 3 modifications. First, I changed the value of my %settings (htpasswd) to the specific name of the project's password file.
Second, instead of using
$settings{user} = $ENV{REMOTE_USER};
I created a new field "user_id" and used $data{user_id} instead in the rest of the script. This means that the user does not have to be logged in to use the script -- all data used by the script comes directly from the user interacting with the script. (I was forced this way by my inability to run this script from a logged-in Trac session. The failure mode was kind of funny to see.)Third, I was able to make the CGI textfield not "sticky" without putting debris into the user_id textfield by adding "-override => 1" to the "old_passwd" cgi->password_field and changing the -value => '' (meaning empty string) to 'Password', which means that the user_id and old_passwd are cleared every time the form is displayed to the user. Someone using that PC and browser later is not rewarded with any information from the last use of the form.
Other than enabling CGI, all I had to do was download and install Crypt-PasswdMD5 and Apache-Htpasswd.
I do not normally program in Perl, but I was able to look up everything and get this working in an afternoon.
Hope this helps someone else.
Bill
RjOllos
Nov 18, 2016, 10:18:22 AM11/18/16
to Trac Users
On Wednesday, November 2, 2016 at 11:28:30 AM UTC-7, William Chappell wrote:
I am successfully running multiple independent projects (environments) using Ubuntu 16.04, apache2, and Trac 1.0.13, using mod_python, Virtual Hosts, and separate htpasswd files.
What does not work for me is to use TracAccountManager to allow users to change their own passwords. The best that I could get is that the first project I enabled has full function and I must totally excise all reference to and the egg for TracAccountManager from the other projects and specifically enable the loginmodule in those other projects to even allow logins.
You should install the plugin so that it's shared for all projects. See:
However, I cannot edit and save pages in those other projects.
If you are authenticated but cannot edit/save, then you need to modify the permissions for those projects.
When I move TracAccountManager to a different project, then I cannot edit and save pages in the first project, only in the project with access to TracAccountManager, _but_ the Account tab does not show up in the second project under Preferences.
I have looked but cannot find an alternative to TracAccountManager, because I see other people have had trouble with multiple projects even using a TracEnvParentDir, which is not an option for me.
Thanks.
I'm unsure about your follow-up post. It sounds like you want to configure authentication through Apache, in which case see:
You should be able to change passwords in the htdigest file through AccountManager even if Apache is configured to handle the authentication.
- Ryan
Reply all
Reply to author
Forward
0 new messages