#599 closed enhancement (invalid)
Enhanced auth_cookie behavior
| Reported by: | Owned by: | Jonas Borgström | |
|---|---|---|---|
| Priority: | low | Milestone: | |
| Component: | general | Version: | 0.7.1 |
| Severity: | normal | Keywords: | logout |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description
I'm running trac and used the ReWriteEngine to support multiple projects. But Logout does not work anymore. I saw, that trac uses a session cockie. Info from Mozilla Firebird: Name: trac_auth Content: 04be779069adc4096e3c6ab841be3cea Host: cartman Path/projects/<someproject> Server Secure: no Expires: at end of session Policy: no policy about storing identifiable information
So it would be nice, if you could add authentification-information in the trac-db: For each cookie a 'loggend_in' variable. (So if the user klicks on 'Logout', you could store 'false' in it.) A timestamp for the last login would also be nice, so that a session runs out after e.g. 8h of no action)
It would also be cool if you could support that 'logged_in'-variable with trac-admin. The reason is: Here in my company we use 3 components: Trac, SVN, and a selfmade PHP-programmed userinterface for adding/modifying new users, projects, permissions… And we use the same authentication system for all these three components. So if i want to log-out at one component (but don't want to close the browser!), i also should be logged-out at the other components.
So I need a new trac-command for asking the logged_in-state: 'trac-admin <path-to-project> logged_in 04be779069adc4096e3c6ab841be3cea' Result: =⇒ coockie not found or =⇒ 04be779069adc4096e3c6ab841be3cea loggend_in = TRUE or =⇒ 04be779069adc4096e3c6ab841be3cea loggend_in = TRUE
and a new trac-command for setting the logged_in-state: 'trac-admin <path-to-project> login 04be779069adc4096e3c6ab841be3cea StefanW' or 'trac-admin <path-to-project> logout 04be779069adc4096e3c6ab841be3cea StefanW'
BTW trac&svn are great!
Attachments (0)
Change History (5)
comment:1 by , 20 years ago
| Milestone: | → 0.8 |
|---|
comment:2 by , 20 years ago
| Priority: | normal → low |
|---|---|
| Severity: | normal → enhancement |
| Summary: | Logout-problem → Enhanced auth_cookie behavior |
comment:3 by , 20 years ago
I'm definitely interested in this. I have all kinds of problems with switching users (i.e. logging out as User X and logging in as User Y). I see the same behavior with logout that Stefan sees, but I'm not sure of the cause. I have multiple projects set up and am using mod_python. I have had to manually delete the cookies in my browser to avoid having to close the browser (I have other tabs open that I want to keep open), just to get the log-out to take.
comment:4 by , 20 years ago
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
Well, I'm continuing the portion of this on the login/logout issues on #791. However, Trac has no control over logging you out of SVN, and if you want your own PHP thing to connect with Trac's authentication it's kind of up to you to figure that one out.
If I understand you correctly:
I'm not if this just is a hack for your specific setup or if this could be usefull for others, I'll have to think about this.