I have an active Trac installation with multiple projects. I am using the AccountManagerPlugin to manage user accounts, and to allow users to manage their own accounts.

My current AccountManagerPlugin configuration looks like this:

[account-manager]
account_changes_notify_addresses = 
authentication_url = 
force_passwd_change = true
generated_password_length = 8
hash_method = HtDigestHashMethod
htdigest_realm = TracRealm
notify_actions = []
password_file = /home/sms/trac_sites/trac.htdigest
password_store = HtDigestStore
persistent_sessions = true
user_lock_max_time = 0
verify_email = false

This works great, except: Each Trac project currently requires separate authentication. The projects are unable to share their authentication cookies.

Setting auth_cookie_path = /trac does not work, because session data is stored in each project's own database; therefore one project cannot validate the cookie of another. Worse, this causes projects to overwrite each other's cookies.

Using an undocumented two-year-old monkey patch (SharedCookieAuthPlugin) seems like a bad idea.

Is there a solution?

Aaron Adams
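
The failure described in the question, as a simplified model added here (not code from Trac, AccountManagerPlugin or the post): each project checks the trac_auth cookie against its own auth_cookie table, so with a shared cookie path the second login replaces the token the first project knows. The Project class, the dict standing in for the browser's cookie store and the project paths /trac/a and /trac/b are assumptions for illustration.

```python
import secrets
import sqlite3


class Project:
    """Simplified model of one Trac environment with its own auth_cookie table."""

    def __init__(self, name):
        self.name = name
        self.db = sqlite3.connect(":memory:")  # each project has its own database
        self.db.execute("CREATE TABLE auth_cookie (cookie TEXT, name TEXT)")

    def login(self, user, jar, cookie_path):
        """Issue a session token, store it locally, and set it in the browser."""
        token = secrets.token_hex(16)
        self.db.execute("INSERT INTO auth_cookie VALUES (?, ?)", (token, user))
        jar[("trac_auth", cookie_path)] = token  # browser keys cookies by name + path
        return token

    def authenticate(self, jar, cookie_path):
        """Return the user name for the presented cookie, or None if unknown here."""
        token = jar.get(("trac_auth", cookie_path))
        row = self.db.execute(
            "SELECT name FROM auth_cookie WHERE cookie = ?", (token,)
        ).fetchone()
        return row[0] if row else None


def simulate(shared_path):
    """Log in to project A, then B, and report who each project recognises."""
    a, b = Project("a"), Project("b")
    jar = {}  # constructed stand-in for the browser's cookie store
    path_a = "/trac" if shared_path else "/trac/a"  # hypothetical project paths
    path_b = "/trac" if shared_path else "/trac/b"
    a.login("alice", jar, path_a)
    b_before_login = b.authenticate(jar, path_b)
    b.login("alice", jar, path_b)
    return {
        "b_before_login": b_before_login,
        "a_after_b_login": a.authenticate(jar, path_a),
        "b_after_b_login": b.authenticate(jar, path_b),
    }


if __name__ == "__main__":
    print("per-project paths:", simulate(shared_path=False))
    print("shared /trac path:", simulate(shared_path=True))
```

With the shared path, project B never recognises project A's token, and logging in to B leaves project A unable to validate the cookie it is now sent.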

1 Answer


SharedCookieAuthPlugin is indeed the way to go. The author of the plugin (k0s, alias Jeff Hammel) was the person who requested the auth_cookie_path option, specifically for his plugin. The fact that it hasn't been updated in two years just means that it works as it is.

Remy Blank
  • Actually, that just means that it's unmaintained. There are open, unresolved issues open against it, and it looks like the current version was written for Trac version 0.11. Nevertheless, give it a try and see what happens. You can always remove it if you run into problems. – bta Jul 13 '11 at 12:46
  • Well, there's a single open issue, so this hardly allows concluding that it's unmaintained. Trac itself also has a few open issues, and I wouldn't call it unmaintained. But you're still right: http://trac-hacks.org/ticket/5566#comment:12 – Remy Blank Jul 13 '11 at 21:47
  • I didn't call it unmaintained because of the open issue, I called it unmaintained because the author said he wasn't maintaining it anymore :-) The plugin is also tagged as "needsadoption", which usually signals that the previous maintainer has abandoned it. – bta Jul 15 '11 at 00:52
  • I am sorry I've left this hanging so long; I simply haven't had time to try the proposed solution. I realize it's poor etiquette. I will get around to trying this. – Aaron Adams Sep 20 '11 at 05:15