[Moin-user] Issue with SSPI auth

Thomas Waldmann tw-public at gmx.de
Tue Mar 17 13:36:56 EDT 2009

> I just solved the issue. It turns out not to be releated to the sspi
> auth itself.
> The reason was yet again a switch in the HTTPAuth config in
> wikiconfig.py from moin-1.7.x to moin-1.8.x
> In moin 1.7.x I had:
>     from MoinMoin.auth.http import HTTPAuth
>     auth = [HTTPAuth]
>     user_autocreate = True
> Now, with moin-1.8.x this has to be changed to:
>     from MoinMoin.auth.http import HTTPAuth
>     auth = [HTTPAuth(autocreate=True)]

Wasn't that documented in docs/CHANGES?

BTW, be warned, for some version after 1.9, you'll have to change that
to "GivenAuth". Moin 1.9 will still be happy with HTTPAuth due to some
compatibility code I added, but emit warnings pointing you in the right

I changed that because HTTPAuth is simple the wrong name for that thing.
Auth is done by webserver and moin basically does not even know or care
whether it is http basic auth or some other of the many auth methods
supported by some apache module. So the authenticated user is just
"given" to moin, thus the new name "GivenAuth" (in 1.9).

OTOH, in 1.9, Moin will be able to do http basic auth on its own
(builtin). Because HTTPAuth will still work for compatibility reasons,
that one will be named HTTPAuthMoin.

> This again raises the questions why the upgrade process from one moin
> version to another is so poorly documented. At least I see room for
> improvement here.

Well, there are docs. You are sure you have read them?

http://hg.moinmo.in/moin/1.8/file/1da5c7d21660/docs/CHANGES see line
197... (and I also updated the help page, btw).

I am sorry that upgrading moin is sometimes a bit hard, esp. if you
don't carefully read the docs, but all the changes you see are usually
improvements and cleanups (sometimes that maybe is not obvious, but
trust me :).

More information about the Moin-user mailing list