bloodhound-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ryan Ollos <>
Subject Re: Help for alternate authentication module
Date Tue, 14 May 2013 09:05:21 GMT
On Mon, May 13, 2013 at 9:54 AM, Chris Gamache <> wrote:

> Is it possible to hook in an alternate authentication scheme to bloodhound?
> I've tried to implement a custom IAuthenticator per
> which looks at a cookie to
> determine allow/deny, and I must not be doing it right. It seems like it is
> not even getting called...

Hi Chris,

I think that you'd have to disable all of the other components that
implement IAuthenticator, including the one from AccountManagerPlugin.

In a standard Trac setup, trac.web.auth.LoginModule is the enabled
IAuthenticator component [1], and RequestDispatcher returns the authname of
the first IAuthenticator that returns an authname that is not None [2].

When AccountManagerPlugin is installed, trac.web.auth.LoginModule is
disabled and AccountManager's LoginModule component is enabled, which
inherits from trac.web.auth.LoginModule and overrides the authenticate
method [3]. One possibility is that AccountManager's LoginModule is being
called first and granting authentication before your IAuthenticator is

However, I'm not sure you should be performing authorization inside an
IAuthenticator. It looks to me that this is the job of the IPasswordStore
implementation. I don't have a good picture of what you are trying to do,
but it might make sense to implement an IPasswordStore even if you aren't
technically storing any passwords. You can see how some plugins have
implemented IPasswordStore's for the AccountManager on trac-hacks [4].

Could you provide some more details about exactly what you are trying to do?


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message