Edgewall Software

Version 1 (modified by anonymous, 15 years ago) ( diff )

Introduction to Authentication for Trac

This is a work in progress document - and is written by someone who has been working this stuff out, rather than an expert. Please feel free to add clarifications, corrections and additions

The basic idea is that Trac itself does not do authentication (other than for tracd which I don't intend to cover here). Authentication is done by the http daemon environment, and the authentication information passed to trac when it is invoked by the httpd.

There are 2 basic approaches to Trac authentication:-

  1. Restrict access to the whole Trac installation, so that none of the trac pages are visible without authentication.
  2. Restrict access such that the Trac installation is visible to someone without authentication, but you can login with Trac.

The following examples are based on an Apache httpd server - further information on authentication on Apache can be found at http://httpd.apache.org/docs-2.0/howto/auth.html

They use a password file at /var/www/db/passwd - you will need to manipulate this with the htpasswd program or you could look at http://stein.cshl.org/~lstein/user_manage/ As an alternative you could drop in digest authentication - the Apache documentation describes this.

Require Authentication To Access The Trac Installation

This is the simplest method in both concept and implementation. It also allows you to know that your data is as secure as your web server authentication scheme and that there is a degree of trust in the user information entered on tickets etc.

For a trac installation under /var/www/trac, visible as URL http://www.example.com/trac/ you can use an authenticaton stanza for Apache similar to:-

<Location /trac>
  AuthType Basic
  AuthName "trac"
  AuthUserFile /var/www/db/passwd
  Require valid-user
  ... extra directives to invoke trac
  ... - ie ScriptAlias or mod_python stuff

Optional Authentication For The Trac Installation

(will write this chunk shortly…)

Note: See TracWiki for help on using the wiki.