a142964db8
acct_mgr-0.4.2 (27-Dec-2012) - branch 0.11 resolved issues * #10730: AccountGuard.lock_time effectively disables account locking acct_mgr-0.4.1 (26-Dec-2012) - branch 0.11 resolved issues * #5964: Prevent multiple calls to LoginModule._remote_user() by re-using a flag introduced for account locking * #8545: Authentication always fails by introducing authentication attempt debug logging and a new option 'environ_auth_overwrite' for additional control over REMOTE_USER's value * #10134: HttpAuth login throws traceback * #10625: AssertionError in trac.db.pool.PooledConnection.__del__ * #10700: AccountModule._do_reset_password discards error from _reset_password * #10701: Reset password reports `Cannot find ... "IPasswordHashMethod"` * several fixes for unreported account guard issues acct_mgr-0.4 (01-Dec-2012) - branch 0.11 resolved issues * #3459: Authentication information not available * #4677: Admin based chaining HtDigestStore & HtPasswdStore breaks config by adding dedicated options 'htdigest_file' and 'htpasswd_file' * #5691: No cookie warning shown when trying to log in with Konqueror * #6616: Invalid entries for usernames in table by adding a cleaner macro implementation outside of `UserStatsMacro` * #8685: User deletion ordering breaks 'deleted' notification for SessionStore * #8770: AttributeError: Cannot find implementation of "IPasswordHashMethod" * #8990: HtPasswdStore and SessionStore with HtPasswdHashMethod share option by adding dedicated options 'db_htpasswd_hash_type' and 'db_htdigest_realm' * #9052: acct_mgr.web_ui.emailverificationmodule - Doesn't send email * #9079: PostgreSQL: Database error when creating new user with attributes * #9090: AccountManager plugin does not email after user registration * #9139: SvnServePasswordStore and case sensitivity * #9246: InternalError when refresh_passwd = true * #9252: All session attributes are deleted when user logs in first time * #9547: Option `persistent_sessions` is not working in `0.4dev-r10747` * #9843: New user missing in 'session' table. * #9940: Admin unable to reset password * #10023: SQL Injection in acct_mgr.api.AccountManager.lastseen() * #10028: Account delete does not purge user's auth cookie * #10123: Registration with EmailVerification should instruct more clearly * #10204: Users can delete their email address even when verify_email=true * #10276: "Unknown preference panel" when logging out from account tab * #10397: Don't allow username with all capital letters * #10412: acct_mgr-0.4dev breaking 2.4 compatibility * #10594: Some options' docs are missing * #10644: Add a real license * do AccountManager class API cleanup by moving db access to model layer * prevent duplicate action entries in Trac core permission select box new features * #874: Add new fields to register form and a registration validation system * #5295: Add optional username regexp to registration checks * #7577: Prevent spammers from registering * #8076: Add optional account email regexp to registration checks * #8791: Obsolete patch needed for authentication against Jira by adding sha256/sha512 hash support (needs `passlib` or extended `crypt`) * #9618: HttpAuthStore authentication enhancement by allowing a relative URL for `authentication_url` configuration option * #9676: Incorporate optional Single-Sign-On functionality * #9852: Embed some user information in TracWiki by introducing WikiMacros `ProjectStats` and `UserQuery` * #10142: Allow admin to override verification status * add recursion to option parser for configuration admin page and provide available valid values for an `ExtensionOption` like `IPasswordHashMethod` by a select field (dropdown box) - or meaningful message on missing options * add cleanup page for purging `session_attribute` db table via admin web UI * add randomized authentication cookie ID refreshment, average refresh rate controlled by new option `cookie_refresh_pct` * switch to case-less username duplicate checking * add unit tests i.e. for hash creation and re-written registration checks to significantly extend code coverage * add Trac style shading of odd/even rows to user lists
24 lines
1.1 KiB
Text
24 lines
1.1 KiB
Text
The AccountManager offers features for managing user accounts and more:
|
|
|
|
* enable authentication through a number of built-in authentication
|
|
resources and some more by 3rd party extensions
|
|
* allow users to register new accounts
|
|
* login via an HTML form instead of using HTTP authentication
|
|
* allow existing users to change their passwords or delete their accounts
|
|
|
|
These features are new in the plugin for Trac 0.10.
|
|
|
|
* send a new password to users who've forgotten their password
|
|
* administration of user accounts
|
|
|
|
These features are new in the plugin for Trac 0.11 and later
|
|
* login failure tracking and rule based account locking (temporary or
|
|
permanent lock)
|
|
* per-account details admin page
|
|
* password hash refresh and store migration on user login
|
|
* i18n support (requires Trac 0.12 or later)
|
|
* account meta-data listing from Trac db table session_attribute, with
|
|
cleanup option
|
|
* Single-Sign-On functionality for applications with multiple Trac
|
|
environments per domain/host
|
|
* mostly account-/user-related WikiMacros
|