Changes between Version 2 and Version 3 of TracAuthenticationIntroduction

Timestamp:

Jan 28, 2005, 12:52:13 AM (19 years ago)

Author:

Christopher Lenz

Comment:

Added some notes

TracAuthenticationIntroduction

@@ -31 +31 @@
 }}}
 
+''Note that in the current version of Trac, you will still see the '''logout''' link above the navigation bar, even though the link will not work (i.e. do nothing).''
+
 == Optional Authentication For The Trac Installation ==
 
@@ -49 +51 @@
 }}}
 
+''Note that optional login requires cookies.''
+
 == Issues ==
 
 You really do want your subversion repository to be using the same names as the Trac authentication names so that labelling of changesets matches with names assigned to tickets etc.  This means there is a great advantage in using DAV access to the subversion database and sharing the authentication (password) files between Trac and the WebDAV areas (maybe using group access to give a subset of the users access to the subversion database), although this can be done in other ways.
 
-In the authentication methods shown here the password travels in clear over the network.  You can use Digest authentication to prevent the clear text password going over the network, but this can still be sniffed and replayed.  If you require greater security then you really ''should'' use SSL for encryption, or another means of access control.
+In the authentication methods shown here the password pretty much travels in clear text over the network.  You can use Digest authentication to prevent the clear text password going over the network, but this can still be sniffed and replayed.  If you require greater security then you really ''should'' use SSL for encryption, or another means of access control.