Ticket #3 (assigned task)

Opened 8 years ago

Last modified 8 years ago

Trac authentication needs to be simple, easy, and automated

Reported by: raymond Owned by: bradm
Priority: major Milestone: Sysadmin
Component: website Version: NA
Keywords: Cc:

Description

Right now Trac is using .htaccess files to control access. Unfortunately that means that only people with .htaccess entries can log tickets.

We could remove access control restrictions which would allow anyone to log tickets - but that would open us up to spam.

Ideally we would either piggy-back off the wiki.humbug.org.au Authentication or have a simple registration process like http://moneydance.com/trac/

Change History

comment:1 Changed 8 years ago by raymond

  • Owner changed from somebody to raymond
  • Status changed from new to accepted

comment:2 follow-up: ↓ 4 Changed 8 years ago by gjb

  • Cc gjb added

For the benefit of anybody looking to login to trac now, first login to excalibur, then run

  sudo htpasswd /srv/trac/sysadmin/.htpasswd mylogin

replacing "mylogin" with the login you want to use. Then provide a password twice when prompted, and then you're done.

comment:3 Changed 8 years ago by raymond

  • Priority changed from blocker to major

I have added a guest/guest account and updated the wiki with the information. As an interim measure this will let those without excalibur access login and enter new tickets.

Because members can now enter tickets, I am dropping the priority on this task.

comment:4 in reply to: ↑ 2 Changed 8 years ago by raymond

Replying to gjb:

For the benefit of anybody looking to login to trac now, first login to excalibur, then run

  sudo htpasswd /srv/trac/sysadmin/.htpasswd mylogin

replacing "mylogin" with the login you want to use. Then provide a password twice when prompted, and then you're done.

If the user is also a systems administrator, then they should also have admin rights to Trac:

sudo trac-admin . permission add $I TRAC_ADMIN

(This has been done for existing accounts.)

comment:5 Changed 8 years ago by gjb

  • Cc gjb removed

comment:6 Changed 8 years ago by raymond

Determined that we need an LDAP backend to do anything sensible with Trac. Have logged ticket Ticket #7 for this.

Will return to the Trac work once we have a working LDAP.

comment:7 Changed 8 years ago by bradm

  • Owner changed from raymond to bradm
  • Status changed from accepted to assigned

Taking this ticket for now on the basis that I'm working on the LDAP side of things.

comment:8 Changed 8 years ago by bradm

Setup basic LDAP auth for Trac in test, sent an email to sasig asking for some feedback about how we are going to populate the directory. Awaiting response before progressing anymore

Note: See TracTickets for help on using tickets.