Opened 18 years ago
Closed 18 years ago
#3621 closed defect (worksforme)
Trac project login security does not work properly.
Reported by: | | Owned by: | Jonas Borgström |
---|---|---|---|
Priority: | normal | Milestone: | |
Component: | version control/browser | Version: | 0.9.6 |
Severity: | normal | Keywords: | needinfo |
Cc: | | Branch: | |
Release Notes: | | | |
API Changes: | | | |
Internal Changes: | | | |
Description
Recently I was promoted to Admin on a trac project. Assume that my username/password were "um_test"/"demo".
However, when I attempted to log in, I typed (in the popup login dialog) "um_test " with the correct password. The site said I was logged in successfully, but the web page content area displayed a "WIKI_VIEW privileges… " error.
Unfortunately, I also told the browser to "remember" my login info. So each time I tried to login I received this error.
I finally stumbled upon the fact that my login name had an extra space. When I removed that space and logged in, everything worked correctly.
This is a very subtle, nasty bug that will make people CRAZY trying to figure out the problem.
Attachments (0)
Change History (4)
comment:1 by , 18 years ago
Priority: | high → normal |
---|---|
Resolution: | → invalid |
Severity: | critical → normal |
Status: | new → closed |
comment:2 by , 18 years ago
Resolution: | invalid |
---|---|
Status: | closed → reopened |
I may have missed one point here, sorry: is there no "um_test " account defined on your web site? In this case, this may be a bug, you're right.
comment:3 by , 18 years ago
Keywords: | needinfo added |
---|
comment:4 by , 18 years ago
Resolution: | → worksforme |
---|---|
Status: | reopened → closed |
Couldn't reproduce this, tried to log in with "cboos /…" on t.e.o. or on my own test instance running 0.11dev and the login failed.
If Trac tells you that you need WIKI_VIEW privileges, this means that your project is configured so that you need these privileges to get access to the wiki pages. This is not a bug, this is the expected behaviour. Use trac-admin to give WIKI_VIEW permission to the 'um_test' account.
About the browser stuff: This is not an issue in Trac, this is how authentication in the HTTP protocol works. You are correctly logged in, btw. If you want to change or remove your automatic credentials, use your browser option/preference panel to clean up these data. Some browsers (such as Firefox) also have plugins to directly remove HTTP credentials. Anyway, if you quit and restart your browser, it should prompt to confirm the user/password before sending them to the Trac server.
There are alternative ways to authenticate in Trac that come as plugins, and that would allow you to logout. Search http://trac-hacks.org to find them.
AFAICT, there's no bug here.
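An added illustration (not Trac's code and not part of the ticket) of the symptom the reporter describes: if the authenticated name carries a stray space and permission subjects are matched as exact strings, the login succeeds but WIKI_VIEW is denied. The permission table, the login names and the helper functions are constructed for this example, and exact-match lookup is an assumption of the model.

```python
# Added example: the permission table and login names are constructed.
PERMISSIONS = {
    "um_test": {"WIKI_VIEW", "WIKI_MODIFY"},
    "anonymous": {"TICKET_VIEW"},
}


def has_permission(user, action, table):
    """Exact-match lookup: 'um_test ' and 'um_test' are different subjects."""
    return action in table.get(user, set())


def near_matches(user, table):
    """Subjects that differ from `user` only by surrounding whitespace."""
    key = user.strip()
    return sorted(s for s in table if s != user and s.strip() == key)


def diagnose(user, action, table):
    """Return (allowed, hint); hint names the likely intended account."""
    if has_permission(user, action, table):
        return True, None
    holders = [s for s in near_matches(user, table)
               if has_permission(s, action, table)]
    if holders:
        hint = "login %r differs only by whitespace from %r" % (user, holders[0])
        return False, hint
    return False, None


def audit_logins(logins, action, table):
    """Flag authenticated names that are denied only because of whitespace."""
    findings = []
    for name in logins:
        _allowed, hint = diagnose(name, action, table)
        if hint:
            findings.append((name, hint))
    return findings


if __name__ == "__main__":
    # Constructed list of names as an authentication layer might report them.
    seen = ["um_test", "um_test ", " um_test", "guest"]
    for _name, hint in audit_logins(seen, "WIKI_VIEW", PERMISSIONS):
        print(hint)
```

A denial that comes with a hint points to a mistyped or cached login name, while a denial without one points to a permission that was never granted.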