Customizable trac_auth cookie domain
| Reported by: | | Owned by: | Jonas Borgström |
| Severity: | normal | Keywords: | authentication trac_auth domain needfixup |
We're using Kerberos over HTTP Basic authentication with Trac. To reduce the CPU load on the Web server we'd like to redirect to SSL only for the authentication request, then go back to regular HTTP otherwise. We can do this with Apache directives, but the cookie is not used by the non-SSL server (which has a different hostname, per university policy). I ended up having to hack web/auth.py to add in LoginModule._do_login:
req.outcookie['trac_auth']['domain'] = 'acm.uiuc.edu'
With that, everything seems to work, but it'd be nice to be able to have a trac.ini setting for 'cookie domain'.
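The effect of the `domain` attribute described in this ticket, as an added example (not code from Trac or from the reporter): it builds the cookie with Python's standard `http.cookies` module and applies RFC 6265 domain matching to show which requests would carry `trac_auth`. The hostnames `login.acm.uiuc.edu`, `www.acm.uiuc.edu`, `other.acm.uiuc.edu` and `notacm.uiuc.edu`, the token value, and the `cookie_domain` parameter name are assumptions made for illustration.

```python
from http.cookies import SimpleCookie

def build_auth_cookie(token, cookie_domain=None, secure=False):
    """Set-Cookie value for trac_auth; cookie_domain is a hypothetical setting."""
    cookie = SimpleCookie()
    cookie['trac_auth'] = token
    cookie['trac_auth']['path'] = '/'
    if cookie_domain:
        cookie['trac_auth']['domain'] = cookie_domain
    if secure:
        cookie['trac_auth']['secure'] = True
    return cookie['trac_auth'].OutputString()

def domain_match(host, cookie_domain):
    """RFC 6265 section 5.1.3 domain matching for hostnames (not IP addresses)."""
    host = host.lower().rstrip('.')
    cookie_domain = cookie_domain.lower().lstrip('.')
    return host == cookie_domain or host.endswith('.' + cookie_domain)

def browser_sends(origin_host, request_host, request_is_https,
                  cookie_domain=None, secure=False):
    """Would a browser that received the cookie from origin_host send it here?"""
    if secure and not request_is_https:
        return False                      # Secure cookies never travel over HTTP
    if cookie_domain is None:
        return request_host.lower() == origin_host.lower()  # host-only cookie
    if not domain_match(origin_host, cookie_domain):
        return False                      # browser rejects a foreign Domain
    return domain_match(request_host, cookie_domain)

# Constructed hostnames: SSL login host and plain-HTTP content host.
LOGIN_HOST, HTTP_HOST = 'login.acm.uiuc.edu', 'www.acm.uiuc.edu'

def scope_report(cookie_domain=None, secure=False):
    """Which constructed requests would carry the trac_auth cookie."""
    requests = [(LOGIN_HOST, True), (HTTP_HOST, False),
                ('other.acm.uiuc.edu', False), ('notacm.uiuc.edu', False)]
    return {(host, https): browser_sends(LOGIN_HOST, host, https,
                                         cookie_domain, secure)
            for host, https in requests}

if __name__ == '__main__':
    print(build_auth_cookie('0123abcd', 'acm.uiuc.edu'))
    for label, kwargs in [('host-only', {}),
                          ('Domain set', {'cookie_domain': 'acm.uiuc.edu'}),
                          ('Domain + Secure', {'cookie_domain': 'acm.uiuc.edu',
                                               'secure': True})]:
        print(label, scope_report(**kwargs))
```

With the domain set, the cookie is sent to every host under `acm.uiuc.edu` and over plain HTTP; adding `Secure` would keep it off HTTP, which also means the non-SSL server would no longer receive it.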