patch: authorize using Remote-User: header
|Reported by:||Owned by:|
|Cc:||Ryan J Ollos||Branch:|
for obscure reasons, my tracd-behind-proxypass wasn't able to authorize the usual way.
This patch will make trac trust the 'Remote-User:' header, even if the adaptor (CGI/etc) didn't otherwise set the remote_user field.
This probably should be a configuration option as it would otherwise have security implications but is perfect for our use - apache LDAP-based authentication. I'm aware of LdapPlugin but this seemed simpler and with broader implications (could work for other authentication types, kerberos etc).
Change History (19)
comment:5 by , 10 years ago
|Status:||new → closed|