> On Jun 1, 2015, at 9:35 AM, Josh Santangelo <[email protected]> wrote: > >> >> On May 31, 2015, at 11:06 PM, Cooke, Mark <[email protected] >> <mailto:[email protected]>> wrote: >> >>> On May 26, 2015, at 12:09 PM, RjOllos <[email protected] >>> <mailto:[email protected]>> wrote: >>> >>> On Tuesday, May 26, 2015 at 2:26:31 AM UTC-4, Cooke, Mark wrote: >>> >>> > On May 22, 2015 3:02 PM, "Josh Santangelo" >>> <[email protected] <http://stimulant.com/> <javascript:> > wrote: >>> > > >>> > > >>> > >> On May 21, 2015, at 8:53 PM, RjOllos <[email protected] >>> <http://gmail.com/> >>> <javascript:> > wrote: >>> > >> >>> > >> On Thursday, May 21, 2015 at 2:23:50 PM UTC-7, Josh >>> Santangelo wrote: >>> > >>> >>> > >>> I ran the 1.0.6 MSI, but it seemed to break LDAP >>> authentication. When I >>> > browse to trac I see: >>> > >>> >>> > >>> Traceback (most recent call last): >>> > >>> File "C:\Python27\lib\site-packages\trac\web\api.py", >>> line 559, in >>> > send_error >>> > >>> data, 'text/html') >>> > >>> File "C:\Python27\lib\site- >>> packages\trac\web\chrome.py", line 1063, in >>> > render_template >>> > >>> template = self.load_template(filename, >>> method=method) >>> > >>> File "C:\Python27\lib\site- >>> packages\trac\web\chrome.py", line 1017, in >>> > load_template >>> > >>> self.get_all_templates_dirs(), >>> auto_reload=self.auto_reload, >>> > >>> File "C:\Python27\lib\site- >>> packages\trac\web\chrome.py", line 725, in >>> > get_all_templates_dirs >>> > >>> for provider in self.template_providers: >>> > >>> File "C:\Python27\lib\site-packages\trac\core.py", line >>> 78, in >>> > extensions >>> > >>> components = [component.compmgr[cls] for cls in >>> classes] >>> > >>> File "C:\Python27\lib\site-packages\trac\core.py", line >>> 204, in >>> > __getitem__ >>> > >>> component = cls(self) >>> > >>> File "C:\Python27\lib\site-packages\trac\core.py", line >>> 140, in >>> > __call__ >>> > >>> self.__init__() >>> > >>> File "build\bdist.win32\egg\acct_mgr\web_ui.py", line >>> 75, in __init__ >>> > >>> self._write_check(log=True) >>> > >>> File "build\bdist.win32\egg\acct_mgr\web_ui.py", line >>> 79, in >>> > _write_check >>> > >>> writable = >>> self.acctmgr.get_all_supporting_stores('set_password') >>> > >>> File "build\bdist.win32\egg\acct_mgr\api.py", line 348, >>> in >>> > get_all_supporting_stores >>> > >>> for store in self.password_stores: >>> > >>> File "C:\Python27\lib\site-packages\trac\config.py", >>> line 777, in >>> > __get__ >>> > >>> option=tag.tt <http://tag.tt/ <http://tag.tt/>> >>> ("[%s] %s" % >>> (self.section, self.name <http://self.name/ <http://self.name/>> )))) >>> > >>> ConfigurationError: Cannot find implementation(s) of the >>> > <tt>IPasswordStore</tt> interface named >>> <tt>LdapAuthStore</tt>. Please check >>> > that the Component is enabled or update the option >>> <tt>[account-manager] >>> > password_store</tt> in trac.ini. >>> > >>> >>> > >>> I backed up my Python directory before the install, and >>> restoring it >>> > seems to have restored things back to working. >>> > >>> >>> > >> >>> > >> Trac 1.0.2 and later enforces that Components specified in >>> the trac.ini >>> > configuration file must be loaded. Often users find that when >>> upgrading they >>> > had errors in their configuration that passed silently prior >>> to the upgrade. >>> > >> >>> > >> Your [account-manager] password_store setting includes >>> LdapAuthStore, but >>> > the plugin is either not installed, not loading correctly due >>> to an error, or >>> > not enabled. LdapAuthStore is provided by LdapAuthStorePlugin >>> (1). Perhaps >>> > you aren't actually using that store? In that case you can >>> just removed >>> > LdapAuthStore from password_store. But if you are using the >>> plugin, and the >>> > plugin is installed and enabled, then we need to determine >>> why it's not >>> > loading. See TracTroubleshooting (2). It would also be useful >>> to confirm, >>> > before trying the upgrade again, if it is loading in Trac >>> 1.0.2. You can do >>> > that by inspecting the debug level log, as described in >>> TracTroubleshooting. >>> > > >>> > > >>> > > Thanks, it seems your suspicions about the plugin not >>> loading are correct, >>> > according to the log, which I’ve pasted below. I’m confused >>> though, since >>> > LDAP authentication does work, and has for some time. How’s >>> that possible if >>> > the plugin isn’t loading? I confirmed that the .egg files in >>> the log are >>> > indeed there. >>> > > >>> > > 2014-04-01 11:22:27,046 Trac[env] INFO: ------------------- >>> ------------- >>> > environment startup [Trac 1.0.1] ---------------------------- >>> ---- >>> > > 2014-04-01 11:22:27,079 Trac[loader] DEBUG: Adding plugin >>> > LdapAuthStorePlugin 0.3.0 from >>> c:\trac\stimulant\plugins\ldapauthstoreplugin- >>> > 0.3.0-py2.7.egg >>> > > 2014-04-01 11:22:27,079 Trac[loader] DEBUG: Adding plugin >>> LdapPlugin >>> > 0.7.0dev from c:\trac\stimulant\plugins\ldapplugin-0.7.0dev- >>> py2.7.egg >>> > > 2014-04-01 11:22:27,174 Trac[loader] DEBUG: Loading >>> > ldapauthstore.ldap_store from >>> c:\trac\stimulant\plugins\ldapauthstoreplugin- >>> > 0.3.0-py2.7.egg >>> > > 2014-04-01 11:22:27,181 Trac[loader] ERROR: Skipping >>> > "ldapauthstore.ldap_store = ldapauthstore.ldap_store": >>> > > >>> > > Traceback (most recent call last): >>> > > File "C:\Python27\lib\site-packages\trac\loader.py", line >>> 68, in >>> > _load_eggs >>> > > entry.load(require=True) >>> > > File "C:\Python27\lib\site-packages\setuptools-0.6c11- >>> > py2.7.egg\pkg_resources.py", line 1954, in load >>> > > entry = __import__(self.module_name, >>> globals(),globals(), ['__name__']) >>> > > File "build\bdist.win32\egg\ldapauthstore\ldap_store.py", >>> line 2, in >>> > <module> >>> > > File "build\bdist.win32\egg\ldapplugin\__init__.py", line >>> 2, in <module> >>> > > File "build\bdist.win32\egg\ldapplugin\api.py", line 25, >>> in <module> >>> > > ImportError: No module named ldap >>> > > 2014-04-01 11:22:27,181 Trac[loader] DEBUG: Loading >>> ldapplugin.api from >>> > c:\trac\stimulant\plugins\ldapplugin-0.7.0dev-py2.7.egg >>> > > 2014-04-01 11:22:27,187 Trac[loader] ERROR: Skipping >>> "ldapplugin.api = >>> > ldapplugin.api": >>> > > >>> > > Traceback (most recent call last): >>> > > File "C:\Python27\lib\site-packages\trac\loader.py", line >>> 68, in >>> > _load_eggs >>> > > entry.load(require=True) >>> > > File "C:\Python27\lib\site-packages\setuptools-0.6c11- >>> > py2.7.egg\pkg_resources.py", line 1954, in load >>> > > entry = __import__(self.module_name, >>> globals(),globals(), ['__name__']) >>> > > File "build\bdist.win32\egg\ldapplugin\__init__.py", line >>> 2, in <module> >>> > > File "build\bdist.win32\egg\ldapplugin\api.py", line 25, >>> in <module> >>> > > ImportError: No module named ldap >>> > >>> > -----Original Message----- >>> > From: [email protected] <http://googlegroups.com/> >>> <javascript:> [mailto:trac- >>> [email protected] <http://googlegroups.com/> <javascript:> ] On >>> > Behalf Of Ryan Ollos >>> > >>> > It looks like it's not finding the Python ldap package. You >>> might be able to >>> > install that from pypi. >>> > >>> > https://pypi.python.org/pypi/python-ldap >>> <https://pypi.python.org/pypi/python-ldap> >>> <https://pypi.python.org/pypi/python-ldap >>> <https://pypi.python.org/pypi/python-ldap>> >>> >>> Hmm, I think we would be better to understand how LDAP auth is >>> working >>> before fixing something that it looks like is not needed. >>> >>> Are you using apache httpd? I use Trac on Windoze and use >>> apache to >>> authenticate against our AD forest, perhaps you do the same? >>> In which >>> case you do not need the Trac ldap interface at all... >>> >>> ~ mark c >>> >>> >>> >>> Does the Apache configuration you use populate the session info such >>> as name and email address from the LDAP data store? >>> >>> -----Original Message----- >>> From: [email protected] <mailto:[email protected]> >>> [mailto:[email protected] <mailto:[email protected]>] On >>> Behalf Of Josh Santangelo >>> Sent: 31 May 2015 22:45 >>> To: [email protected] <mailto:[email protected]> >>> Subject: Re: [Trac] Updating Trac on Windows? >>> >>> Yes, I’m using Apache on Windows. I believe the original configuration was >>> based on the docs here: >>> https://trac-hacks.org/wiki/LdapPlugin >>> <https://trac-hacks.org/wiki/LdapPlugin> >>> >>> httpd.conf looks something like: >>> >>> <Location /> >>> Order deny,allow >>> Allow from all >>> AuthType Basic >>> AuthName "Stimulant Trac" >>> AuthBasicProvider "ldap" >>> AuthLDAPURL "ldap://…"; >>> AuthLDAPBindDN [email protected] >>> AuthLDAPBindPassword “..." >>> authzldapauthoritative Off >>> require ldap-group CN=Stimulant Devops,CN=Users,DC=stimulant,DC=local >>> </Location> >> >> This is definitely providing _authentication_ against LDAP as well as >> _authorisation_ in that httpd will reject users not in the specified group. >> What this does is pass the user info through to Trac in the session info >> (based on the parameters specified in the LDAP URL which can include the >> user's email). >> >> If you only need to _authorise_ users based on LDAP group membership you are >> done. Do all members of "Stimulant Devops" (via the built-in >> "authenticated" group) have the same rights or do you need finer grained >> permissions? >> >>> trac.ini looks something like: >>> >>> [ldap] >>> allusers_group = Stimulant Devops >>> basedn = dc=stimulant,dc=local >>> bind_passwd = ... >>> bind_user = cn=trac,dc=stimulant,dc=local >>> enable = true >>> group_rdn = ou=groups >>> host = ... >>> store_bind = true >>> user_rdn = ou=people >> >> Trac is repeating work done (probably more efficiently) by httpd. >> >> As I only have a small number of users per repository I manage those special >> cases through the usual Trac Admin interface (no plugins required) using >> their network login names, forced to lower case. Personally I would remove >> this plugin and the section from trac.ini. > > I removed the plugin from trac.ini and authorization still seemed to work. > > I redid the upgrade to 1.0.6 by switching my c:\python27 to the state it was > in after running the MSI. After restarting the server I saw the same error as > before rendered into the browser (Cannot find implementation(s) of the > <tt>IPasswordStore</tt> interface named <tt>LdapAuthStore</tt>). > > I commented out password_store = LdapAuthStore from trac.ini. > > Trac pages now load, but at the top it says "Error with navigation > contributor AccountModule” > > The footer also still says 1.0.1. > > I re-ran the MSI installer, but it didn’t change anything.
The trac-admin command line output says it’s 1.0.6.post2, though. trac/about shows: Trac 1.0.1 Genshi 0.7 (without speedups) mod_wsgi 3.5 (WSGIProcessGroup WSGIApplicationGroup Trac.stimulant.local|) psycopg2 2.5.2 Python 2.7.6 (default, Nov 10 2013, 19:24:18) [MSC v.1500 32 bit (Intel)] setuptools 0.6c11 jQuery 1.7.2 jQuery UI 1.8.21 jQuery Timepicker 1.0.1 -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
