Edgewall Software

Opened 16 years ago

Closed 14 years ago

#6439 closed task (worksforme)

trac could display LoginForm for users who are not logged in instead of Error: Forbidden

Reported by: Dawid Polak <dawid@…> Owned by: Jonas Borgström
Priority: normal Milestone:
Component: general Version: devel
Severity: normal Keywords:
Cc: Branch:
Release Notes:
API Changes:
Internal Changes:

Description

Why?

It's very confusing (especially for new users) when the first thing he sees is the error:

Error: Forbidden WIKI_VIEW privileges are required to perform this operation on WikiStart

Simply catching this error and checking "is the user logged in or not" could create a much more comfortable environment to work in.

Attachments (0)

Change History (11)

comment:1 by Noah Kantrowitz, 16 years ago

Resolution: worksforme
Status: new → closed

comment:2 by Dawid Polak <dawid@…>, 16 years ago

Of course that plugin can correct this problem, but I don't see any reason not to fix it in trac core.

in reply to:  2 comment:3 by Emmanuel Blot, 16 years ago

Replying to Dawid Polak <dawid@mentax.pl>:

> Of course that plugin can correct this problem, but I don't see any reason not to fix it in trac core.

The message with WIKI_VIEW is mostly seen when the anonymous user is not allowed to browse the WikiStart page, that is, logging in to the system is required to access the project.

In such a case, it is usually recommended to define the permission rules (Apache) on the project root URL (i.e. http://server/trac/project) rather than only on /login (i.e. http://server/trac/project/login).

When such a configuration is enabled, the user gets prompted for his credentials whenever he attempts to access the Wiki and does not get the WIKI_VIEW error message as long as he provides a valid login/password pair.

comment:4 by Dawid Polak <dawid@…>, 16 years ago

Resolution: worksforme
Status: closed → reopened

> In such a case, it is usually recommended to define the permission rules (Apache) on the project …

Maybe that is true, but 0.11 is published with LoginModule (trac.web.auth) as standard, and the module could correctly serve any standard installation.

Maybe the simple path can be used, especially because when the system uses the Apache auth, this never occurs (and can't break anything):

        except PermissionError, e:
            if req.authname == 'anonymous':
                req.redirect(req.href('login', {'referer': req.href(req.path_info)}))
            raise HTTPForbidden(to_unicode(e))

in source:/trunk/trac/web/main.py@6264#L237

comment:5 by Dawid Polak <dawid@…>, 16 years ago

Unfortunately, it's not a complete solution.

Why?

Because (I don't know why) the wiki module in source:/trunk/trac/wiki/web_ui.py@6264#L94 checks the user's rights in match_request (from [5514]).

Maybe it's some optimization hack, I don't know, but no other module does this in this place, and it doesn't look correct or compatible with TracDev/SecurityBranch.
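
The redirect-or-403 decision proposed in comment:4, as an added example that is not part of the ticket or of Trac's code: anonymous requests are sent to the login page with a local referer, authenticated ones still get 403, and the login side only follows a referer that stays inside the project. It is written in Python 3 with the standard library only; `BASE`, `PermissionDenied`, `local_href`, `on_permission_error` and `safe_return_target` are hypothetical names, and the mount point `/trac/project` is taken from the URLs in comment:3.

```python
# Added illustration (Python 3, stdlib only); names are hypothetical, not Trac's API.
from urllib.parse import quote, urlencode, urlsplit

BASE = "/trac/project"      # assumed mount point of the project
ANONYMOUS = "anonymous"     # authname carried by unauthenticated requests


class PermissionDenied(Exception):
    """Stand-in for the permission error raised by a request handler."""


def local_href(path_info):
    """Build a same-site path under BASE, in the spirit of req.href(req.path_info)."""
    return BASE + quote("/" + path_info.lstrip("/"))


def on_permission_error(authname, path_info, error):
    """Return (status, headers, body) for a request that hit a permission error."""
    if authname == ANONYMOUS:
        # Not logged in: send to the login page and remember where to come back.
        query = urlencode({"referer": local_href(path_info)})
        return 302, {"Location": f"{BASE}/login?{query}"}, ""
    # Logged in but still not allowed: a login form would not help, keep the 403.
    return 403, {}, f"Forbidden: {error}"


def safe_return_target(referer):
    """After login, follow the referer only if it stays inside this project."""
    parts = urlsplit(referer)
    if parts.scheme or parts.netloc or not parts.path.startswith(BASE + "/"):
        return local_href("/wiki")  # fall back to a fixed local page
    return referer
```
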

comment:6 by Emmanuel Blot, 16 years ago

Milestone: 0.11

comment:7 by Emmanuel Blot, 16 years ago

See also #6481

comment:8 by Christian Boos, 16 years ago

Keywords: verify added
Milestone: 0.11.1

comment:9 by osimons, 16 years ago

Keywords: verify removed
Milestone: 0.11.1
Resolution: duplicate
Status: reopened → closed

This is a duplicate of #5340. This ticket contains more discussion, but the other ticket came first + contains a patch. Flipped a coin and decided to close this ticket as a duplicate. Please do continue the discussion there.

comment:10 by mrbelvedr, 15 years ago

Resolution: duplicate
Status: closed → reopened

I agree this should be built into the trac core. Our system is on a hosted shared server (we do not have access to Apache at all). It would be a ten minute fix to just do as the original poster said. Or simply add a new line to the .ini where this super annoying message could be re-worded!

comment:11 by Christian Boos, 14 years ago

Resolution: worksforme
Status: reopened → closed

In 0.12, in addition to the error message, you're also told to try to login, with a link for doing so.
