id summary reporter owner description type status priority milestone component version severity resolution keywords cc branch changelog apichanges internalchanges 2417 Customizable trac_auth cookie domain trac@… Jonas Borgström "We're using Kerberos over HTTP Basic authentication with Trac. To reduce the CPU load on the Web server we'd like to redirect to SSL only for the authentication request, then go back to regular HTTP otherwise. We can do this with Apache directives, but the cookie is not used by the non-SSL server (which has a different hostname, per university policy). I ended up having to hack web/auth.py to add in LoginModule._do_login: {{{ req.outcookie['trac_auth']['domain'] = 'acm.uiuc.edu' }}} With that, everything seems to work, but it'd be nice to be able to have a trac.ini setting for 'cookie domain'." enhancement closed normal web frontend devel normal wontfix authentication trac_auth domain needfixup lm@…