132 | | For better security, it is recommended that you either enable SSL or at least use the “digest” authentication scheme instead of “Basic”. Please read the [http://httpd.apache.org/docs/2.0/ Apache HTTPD documentation] to find out more. For example, on a Debian 4.0r1 (etch) system the relevant section in apache configuration can look like this: |
| 138 | For better security, it is recommended that you either enable SSL or at least use the “digest” authentication scheme instead of “Basic”. |
| 139 | |
| 140 | You'll have to create your `.htpasswd` file with the `htdigest` command instead of `htpasswd`, as follows: |
| 141 | {{{ |
| 142 | # htdigest /somewhere/trac.htpasswd trac admin |
| 143 | }}} |
| 144 | |
| 145 | The "trac" parameter above is the "realm", and will have to be reused in the Apache configuration in the !AuthName directive: |
| 146 | |
143 | | and you'll have to create your .htpasswd file with htdigest instead of htpasswd as follows: |
144 | | {{{ |
145 | | # htdigest /somewhere/trac.htpasswd trac admin |
146 | | }}} |
147 | | where the "trac" parameter above is the same as !AuthName above ("Realm" in apache-docs). |
148 | | |
149 | | |
150 | | Creating password files and configuring authentication works similar to the examples given in the generic instructions for [wiki:TracInstall#ConfiguringAuthentication configuring authentication]: |
151 | | {{{ |
152 | | #!xml |
153 | | <Location /projects/myproject/login> |
154 | | AuthType Basic |
155 | | AuthName "myproject" |
156 | | AuthUserFile /var/trac/myproject/.htpasswd |
157 | | Require valid-user |
158 | | </Location> |
159 | | }}} |
| 157 | |
| 158 | For multiple environments, you can use the same `LocationMatch` as described with the previous method. |
| 159 | |
| 160 | Don't forget to activate the mod_auth_diget. For example, on a Debian 4.0r1 (etch) system: |
| 161 | {{{ |
| 162 | LoadModule auth_digest_module /usr/lib/apache2/modules/mod_auth_digest.so |
| 163 | }}} |
| 164 | |
| 165 | |
| 166 | See also the [http://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html mod_auth_digest] documentation. |