Edgewall Software

Ticket #6439 (closed task: duplicate)

Opened 13 months ago

Last modified 12 months ago

trac could display LoginForm for not logged-in users instead of Error: Forbidden

Reported by: Dawid Polak <dawid@…> Owned by: jonas
Priority: normal Milestone:
Component: general Version: devel
Severity: normal Keywords:
Cc:

Description

Why?

It's very confusing (especially for new users) when the first thing he sees is an error:

Error: Forbidden WIKI_VIEW privileges are required to perform this operation on WikiStart

Simply catching this error and checking whether the user is logged in or not could create a much more comfortable environment to work in.

Attachments

Change History

  Changed 13 months ago by nkantrowitz

  • status changed from new to closed
  • resolution set to worksforme

follow-up: ↓ 3   Changed 13 months ago by Dawid Polak <dawid@…>

Of course that plugin can correct this problem, but I don't see any reason why not to fix it in trac core.

in reply to: ↑ 2   Changed 13 months ago by eblot

Replying to Dawid Polak <dawid@mentax.pl>:

Of course that plugin can correct this problem, but I don't see any reason why not to fix it in trac core.

The message with WIKI_VIEW is mostly seen when the anonymous user is not allowed to browse the WikiStart page, that is, when logging in to the system is required to access the project.

In such a case, it is usually recommended to define the permission rules (Apache) on the project root URL (i.e. http://server/trac/project) rather than only on /login (i.e. http://server/trac/project/login).

When such a configuration is enabled, the user gets prompted for his credentials whenever he attempts to access the Wiki and does not get the WIKI_VIEW error message as long as he provides a valid login/password pair.
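The two Apache setups contrasted in the comment above, as an added example that is not part of the original ticket or of eblot's comment. The URL paths follow the comment's `http://server/trac/project`; the realm name and the password file path are placeholders, and Basic authentication is an assumption.

```apache
# Option A: authentication only on /login.
# Anonymous requests to every other URL reach Trac unauthenticated, so a
# project whose anonymous user lacks WIKI_VIEW answers them with
# "Error: Forbidden" instead of asking for credentials.
<Location "/trac/project/login">
    AuthType Basic
    AuthName "Trac project"                # placeholder realm
    AuthUserFile /path/to/trac.htpasswd    # placeholder path
    Require valid-user
</Location>

# Option B (use instead of A): authentication on the project root.
# Apache challenges for credentials before the request reaches Trac, so
# the user is prompted on the first page hit and never sees the
# WIKI_VIEW error. No part of the project is reachable anonymously.
<Location "/trac/project">
    AuthType Basic
    AuthName "Trac project"                # placeholder realm
    AuthUserFile /path/to/trac.htpasswd    # placeholder path
    Require valid-user
</Location>
```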

  Changed 13 months ago by Dawid Polak <dawid@…>

  • status changed from closed to reopened
  • resolution worksforme deleted

In such a case, it is usually recommended to define the permission rules (Apache) on the project ...

Maybe it is true, but 0.11 is public with LoginModule (trac.web.auth) as standard. And the module could serve correctly for any standard installation.

Maybe the simple patch can be used, especially because when the system uses the Apache auth, this never occurs (and can't break anything):

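        except PermissionError, e:
            # Anonymous users are sent to the login page, with the page they
            # asked for passed along as the referer.
            if req.authname == 'anonymous':
                req.redirect(req.href('login', {'referer': req.href(req.path_info)}))
            # Authenticated users still get the Forbidden error.
            raise HTTPForbidden(to_unicode(e))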

in source:/trunk/trac/web/main.py@6264#L237

  Changed 13 months ago by Dawid Polak <dawid@…>

Unfortunately, it's not a complete solution.

Why?

Because (I don't know why) the wiki module in source:/trunk/trac/wiki/web_ui.py@6264#L94 checks the user's rights in match_request (from [5514]).

Maybe it's some optimization hack, I don't know, but no other module does this in this place, and it doesn't look correct or compatible with TracDev/SecurityBranch.

  Changed 13 months ago by eblot

  • milestone 0.11 deleted

  Changed 13 months ago by eblot

See also #6481

  Changed 13 months ago by cboos

  • keywords verify added
  • milestone set to 0.11.1

  Changed 12 months ago by osimons

  • keywords verify removed
  • status changed from reopened to closed
  • resolution set to duplicate
  • milestone 0.11.1 deleted

This is a duplicate of #5340. This ticket contains more discussion, but the other ticket came first + contains a patch. Flipped a coin and decided to close this ticket as a duplicate. Please do continue the discussion there.
