Edgewall Software

Changes between Initial Version and Version 1 of TracDev/PluginDevelopment/ExtensionPoints/trac.web.api.IAuthenticator


Ignore:
Timestamp:
Apr 6, 2012, 6:14:48 PM (10 years ago)
Author:
Peter Suter
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • TracDev/PluginDevelopment/ExtensionPoints/trac.web.api.IAuthenticator

    v1 v1  
     1== Extension Point : ''IAuthenticator'' ==
     2
     3||'''Interface'''||''IAuthenticator''||'''Since'''||0.9||
     4||'''Module'''||''trac.web''||'''Source'''||[source:trunk/trac/web/api.py api.py]||
     5
     6An ''IAuthenticator'' authenticates users' web requests.
     7
     8== Purpose ==
     9
     10Trac allows anonymous and authenticated users. Users are by default authenticated when they can login via basic HTTP authentication.
     11
     12This default authentication process can be replaced or augmented by plugins implementing IAuthenticator.
     13
     14== Usage ==
     15
     16Implementing the interface follows the standard guidelines found in [wiki:TracDev/ComponentArchitecture] and of course [wiki:TracDev/PluginDevelopment].
     17
     18The only functionality required of an IAuthenticator is to return a username for any given request (or `None` if the request can not be authenticated).
     19
     20Here usually things like `req.remote_addr` (the user's IP address), `req.remote_user` (the user's HTTP name) and `req.incookie` (cookies) are useful.
     21
     22The default implementation `trac.web.auth.LoginModule` also provides authentication cookie management with various [TracIni#trac-section options] and the ''Login'' and '' Logout'' links. To retain this functionality it can be useful to wrap or inherit from `LoginModule`.
     23
     24Trac calls all authenticators via `trac.web.main.RequestDispatcher.authenticate` which lazily initializes the `req.authname` property.
     25
     26== Examples ==
     27
     28The following minimal example replaces the entire login process of trac with a simple authenticator module that automatically authenticates only those requests originating from the local IP address 127.0.0.1 as the user named ''local''.
     29
     30{{{#!python
     31from trac.core import *
     32from trac.web.api import IAuthenticator
     33
     34class LocalAuthenticator(Component):
     35
     36    implements(IAuthenticator)
     37
     38    def authenticate(self, req):
     39        if req.remote_addr == '127.0.0.1':
     40            return 'local'
     41        return None
     42}}}
     43
     44== Available Implementations ==
     45
     46In Trac:
     47* [source:trunk/trac/web/auth.py LoginModule]
     48
     49In third-party plugins:
     50* th:AccountManagerPlugin: `acct_mgr.web_ui.LoginModule`
     51 * Form-based login
     52* th:HttpAuthPlugin: `httpauth.filter.HTTPAuthFilter`
     53 * HTTP authentication (required for th:XmlRpcPlugin) that is compatible with th:AccountManagerPlugin
     54* th:SharedCookieAuthPlugin: sharedcookieauth.sharedcookieauth.SharedCookieAuth
     55 * See #8486
     56* th:CaptchaAuthPlugin: `captchaauth.auth.AuthCaptcha`
     57 * Captcha-based authentication
     58* [https://github.com/dairiki/authopenid-plugin authopenid-plugin]: `authopenid.authopenid.AuthOpenIdPlugin`
     59 * OpenID-based authentication
     60
     61== Additional Information and References ==
     62 * [http://www.edgewall.org/docs/trac-trunk/epydoc/trac.web.auth.IAuthenticator-class.html epydoc]
     63 * [http://www.edgewall.org/docs/trac-trunk/html/api/trac_web_auth.html#trac.web.auth.IAuthenticator API Reference]
     64 * Related tickets:
     65  * [query:keywords~=authentication&group=status authentication in keywords]
     66
     67 * TracAuthenticationIntroduction
     68 * TracStandalone#Authenticationfortracdbehindaproxy
     69 * TracDev/TracSession
     70 
     71 * Mailing list threads:
     72  * [trac-dev:3839 Login name conversion]
     73  * [trac-dev:6054 Common logon cookie]
     74  * [trac-dev:4809 Why authenticate twice?] (!AccountManager integration)
     75  * [trac-dev:2404 Replacing REMOTE_USER]