-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09.01.2013 17:39, Matteo Tiraferri wrote: > Dear all, > i install trac with account manager, connected with subversion. The strange > behaviuor is that the user will be autenticated inserting any password > different by an empty string. Strange indeed.
> Subversion work's correctly, i mean it use the same password inserted in > trac, if i change password in trac change also in svn. > > This is my trac.ini: > # -*- coding: utf-8 -*- > > [account-manager] > account_changes_notify_addresses = > allow_delete_account = false > autentication_url = ? > authentication_url = > cookie_refresh_pct = 10 > db_htdigest_realm = PrimaPowerRealm > force_passwd_change = true > generated_password_length = 8 > hash_method = HtDigestHashMethod > htdigest_file = /var/www/trac/trac.htpasswd > htdigest_realm = PrimaPowerRealm > htpasswd_file = /var/www/trac/trac.htpasswd > htpasswd_hash_type = crypt Don't do that, because we do not support mixing of lines valid in htpasswd format with such valid in htdigest files. Hence the different file path. I've been very serious about making these separate, yet I didn't dream that someone would point it to the same file. Would you like to force another configuration sanity check up-on you and me? > login_attempt_max_count = 0 > login_opt_list = true > notify_actions = new,delete > password_file = Depreciated, is overwritten by htdigest_file _and_ htpasswd_file, will be finally removed in upcoming acct_mgr-0.5 (already done in current 'trunk' development branch). > password_store = > HtDigestStore,HtPasswdStore,HttpAuthStore,SessionStore,SvnServePasswordStore Huh, do you really require the chain of all these password stores? Reasons? Which on actually contains user credentials? Note, that > refresh_passwd = false is essential in your case to prevent (gradual) migration of user records to the first store supporting password changes, HtDigestStore here. Declare the exact plugin version for further discussion on the issue, please. Steffen Hoffmann -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlDt76UACgkQ31DJeiZFuHf/0ACg1DRqjCG36Hw8uceBfzPYytH+ OhEAn1cby94xS7/VidR390Vw/MIfHCvU =gWXO -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/trac-users?hl=en.
