The warning that the remote user was being set to empty string was throwing me, I assumed that was the issue. If that first series of Trac log messages looks OK, then I'll dig deeper on the spawn-fcgi/Resin side.
On Wednesday, April 29, 2015 at 2:17:37 PM UTC-5, Mark Antonson wrote: > > I'm trying to setup Trac authentication with the AccountManager plugin. > I'm running the FastCGI version through lighttpd's spawn-fcgi component, > hosted through Resin 3.0 (don't ask, it's already on this server and needed > to support another old application). I built the AccountManager .egg and > installed just fine. Following the instructions in the cook book to > configure for SessionStore authentication, my trac.ini has: > > [account-manager] > hash_method = HtDigestHashMethod > db_htdigest_realm = TracDB > password_store = SessionStore > reset_password = false > > [components] > trac.versioncontrol.* = disabled > trac.web.auth.loginmodule = disabled > acct_mgr.admin.* = enabled > acct_mgr.api.* = enabled > acct_mgr.db.sessionstore = enabled > acct_mgr.htfile.* = disabled > acct_mgr.http.* = disabled > acct_mgr.notification.* = enabled > acct_mgr.pwhash.htdigesthashmethod = enabled > acct_mgr.pwhash.htpasswdhashmethod = disabled > acct_mgr.register.* = enabled > acct_mgr.svnserve.svnservepasswordstore = disabled > acct_mgr.web_ui.* = enabled > acct_mgr.web_ui.resetpwstore = disabled > > I registered an account named admin and manually added the permissions per > the cook book, but when logging in it takes the username and password but > doesn't actually log you in, still browsing using anonymous. Set the trac > logging to DEBUG and this is what I see in trac.log: > > 2015-04-29 09:32:38,796 Trac[main] DEBUG: Dispatching <RequestWithSession > "POST '/login'"> > 2015-04-29 09:32:38,797 Trac[web_ui] DEBUG: LoginModule._remote_user: > Authentication attempted for 'admin' > 2015-04-29 09:32:38,799 Trac[web_ui] WARNING: LoginModule.authenticate: > 'REMOTE_USER' was set to '' > 2015-04-29 09:32:38,799 Trac[web_ui] DEBUG: LoginModule.authenticate: Set > 'REMOTE_USER' = 'admin' > 2015-04-29 09:32:38,801 Trac[session] DEBUG: Retrieving session for ID > u'admin' > 2015-04-29 09:32:38,862 Trac[main] DEBUG: Dispatching <RequestWithSession > "GET '/'"> > 2015-04-29 09:32:38,863 Trac[session] DEBUG: Retrieving session for ID > 'd8350ff6f918db420e1197ec' > 2015-04-29 09:32:38,870 Trac[chrome] DEBUG: Prepare chrome data for request > > So it appears an authentication is starting, but the REMOTE_USER is being > lost. After researching, I thought I'd found a solution in setting > the environ_auth_overwrite = false, but then the login fails with "Invalid > username or password". The trac.log shows: > > 2015-04-29 09:36:48,265 Trac[main] DEBUG: Dispatching <RequestWithSession > "POST '/login'"> > 2015-04-29 09:36:48,266 Trac[web_ui] DEBUG: LoginModule._remote_user: > Authentication attempted for 'admin' > 2015-04-29 09:36:48,269 Trac[session] DEBUG: Retrieving session for ID > 'd8350ff6f918db420e1197ec' > 2015-04-29 09:36:48,271 Trac[web_ui] DEBUG: LoginModule.process_request: > 'user_locked' = False > 2015-04-29 09:36:48,272 Trac[chrome] DEBUG: Prepare chrome data for request > > I'm not sure where to go from here in debugging this. Any help would be > appreciated. > > > -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
