Some of the feedback and questions that I've gotten about mtrack were around making it easier to deploy and use in an open or public facing environment.
To that end, I've added support of OpenID authentication and bot detection via reCaptcha.
To enable these features is quite simple; for OpenID, add the following lines to your config.ini file:
You should also remove any other Auth plugins that you may have there, as how they interact with OpenID is not currently defined.
This will cause mtrack to keep users classes as anonymous until they either request to log-in via a link in the navigation bar, or attempt to access a page that requires privileges that the anonymous user lacks.
Users authenticating via OpenID can contribute to tickets and wiki (unless you change their permissions, either directly, or via their user class), and those changes will be attributed to them using their OpenID identity URL.
mtrack has a system for aliasing users from different repos and authentication schemes, so if you had a code contributor named "wez" in one of your repos, an administrator can add their OpenID URL as an alias via the user administration screens. The admin user would edit the "wez" user and add "http://netevil.org/" to the list of aliases. This will cause mtrack to see that OpenID as being equivalent to the "wez" user.
You can, if you wish, make an OpenID URL recognized as an admin user by adding the following lines to your config.ini:
http://netevil.org/ = admin
This will have the effect of giving me admin rights to your mtrack install.
What about captchas?
Captcha's allow you to require that the person submitting a request be a human and not an automated submission agent. In practical terms, this helps to avoid spam by limiting it to human spammers instead of spam bots.
To enable Captchas in mtrack using the reCaptcha service, go and register your domain and get yourself a private and public key pair. Then add the following lines to your config.ini:
MTrackCaptcha_Recaptcha = pubkey, privkey
Where pubkey and privkey are your public and private keys respectively (you must not use double quotes).
This will cause a captcha to be displayed and checked in the wiki and ticket editing screens for anonymous and authenticated users; admin users will not see the captcha.
mtrack home page: http://bitbucket.org/wez/mtrack/wiki/Home
mtrack mailing list: http://groups.google.com/group/mtrack