| 80 | == Per-project == |
| 81 | |
| 82 | As you problably noticed, the global procedure described above uses the same {{{AuthUserFile}}}, so every user you create in this file can log in every Trac project you host. Of course, in a non-configured Trac env, this user will be considered as ''anonymous'', but you might not want this too. Using a per-project authentification also allows you to use a different authentification greater for each project. |
| 83 | |
| 84 | The procedure we are going to explain here is a bit more complicated than the previous one as it imply Perl scripting, and that you'll need to reload the Apache configuration when you add a new project. But it's also much more ''tweakable''. |
| 85 | |
| 86 | === Preparation === |
| 87 | |
| 88 | As for the first procedure, you'll need a {{{projects}}} directory into your DocumentRoot. Copy or symlink {{{trac.cgi}}} to this project : |
| 89 | |
| 90 | {{{ |
| 91 | mkdir projects |
| 92 | ln -s /usr/share/trac/cgi-bin/trac.cgi projects/trac.cgi |
| 93 | }}} |
| 94 | |
| 95 | We will also use an {{{index.cgi}}} file (a Perl script) to list availabe projects. We will discuss its creation later. We will also take for granted that your Trac environments live in {{{/var/lib/trac/}}}. |
| 96 | |
| 97 | === Apache configuration === |
| 98 | |
| 99 | The begining is exactly the same than for the global authentification installation : |
| 100 | |
| 101 | {{{ |
| 102 | RewriteEngine On |
| 103 | |
| 104 | RewriteRule ^/projects/+$ /projects/index.cgi [L] |
| 105 | RewriteCond /var/lib/trac/$1 -d |
| 106 | RewriteRule ^/projects/([[:alnum:]]+)(/?.*) /projects/trac.cgi$2 [S=1,E=TRAC_ENV:/var/lib/trac/$1] |
| 107 | RewriteRule ^/projects/(.*) /projects/index.cgi |
| 108 | |
| 109 | Alias /trac "/usr/share/trac/htdocs" |
| 110 | <Directory "/var/www/projects"> |
| 111 | AddHandler cgi-script .cgi |
| 112 | Options Indexes MultiViews SymLinksIfOwnerMatch +ExecCGI |
| 113 | AllowOverride None |
| 114 | Order allow,deny |
| 115 | Allow from all |
| 116 | </Directory> |
| 117 | }}} |
| 118 | |
| 119 | But here comes the magic. For each directory found in {{{/var/lib/trac/}}}, we create the appropriate {{{<Location>}}} section in the Apache configuration, using an automated Perl loop : |
| 120 | |
| 121 | {{{ |
| 122 | <Perl> |
| 123 | #!/usr/bin/perl |
| 124 | |
| 125 | # trac environments location |
| 126 | my $trac_path = "/var/lib/trac"; |
| 127 | |
| 128 | # trac base url |
| 129 | my $trac_location = "/projects"; |
| 130 | |
| 131 | opendir(TRAC_ROOT, $trac_path) or die "Unable to open Trac root directory ($trac_path)"; |
| 132 | |
| 133 | while (my $name = readdir(TRAC_ROOT)) |
| 134 | { |
| 135 | if ($name =~ /^[[:alnum:]]+$/) |
| 136 | { |
| 137 | $Location{"$trac_location/$name/login"} = { |
| 138 | AuthType => "Basic", |
| 139 | AuthName => "Trac authentification for $name", |
| 140 | AuthUserFile => "$trac_path/access.user", |
| 141 | AuthGroupFile => "$trac_path/access.group", |
| 142 | Require => "group $name", |
| 143 | }; |
| 144 | } |
| 145 | } |
| 146 | |
| 147 | closedir(TRAC_ROOT); |
| 148 | |
| 149 | __END__ |
| 150 | </Perl> |
| 151 | }}} |
| 152 | |
| 153 | === Auth files and project listing === |
| 154 | |
| 155 | In order to complete this setup, you will need two authentification files : |
| 156 | |
| 157 | * {{{/var/lib/trac/access.user}}}, an htpasswd file listing all user logins and passwords. You can of course use one file per project (use {{{$trac_path/$name.htpasswd}}} as AuthUserFile for example). |
| 158 | * {{{/var/lib/trac/access.group}}}, a group file, listing all authorized user per project, following this syntax : |
| 159 | {{{ |
| 160 | env1: user1 user2 |
| 161 | env2: user1 user3 |
| 162 | env3: user4 |
| 163 | }}} |
| 164 | |
| 165 | For the project listing, we will create another Perl script which will do basically the same as in the Apache configuration : |
| 166 | |
| 167 | {{{ |
| 168 | #!/usr/bin/perl |
| 169 | |
| 170 | use strict; |
| 171 | |
| 172 | my $trac_path = "/var/lib/trac"; |
| 173 | my $trac_location = "/projects"; |
| 174 | |
| 175 | # Send header |
| 176 | print "Content-Type: text/html\n\n"; |
| 177 | |
| 178 | # Send content |
| 179 | print "<html>\n"; |
| 180 | print " <head>\n"; |
| 181 | print " <title>Project listing</title>\n"; |
| 182 | print " </head>\n\n"; |
| 183 | print " <body>\n"; |
| 184 | print " <h1>Project listing</h1>\n"; |
| 185 | print " <ul id=\"trac\">\n"; |
| 186 | |
| 187 | opendir(ROOT, $trac_path) |
| 188 | or die "Unable to open root directory ($trac_path)"; |
| 189 | |
| 190 | while (my $name = readdir(ROOT)) |
| 191 | { |
| 192 | if ($name =~ /^[[:alnum:]]+$/) |
| 193 | { |
| 194 | print " <li><a href=\"$trac_location/$name\">" . ucfirst($name) . "</a></li>\n"; |
| 195 | } |
| 196 | } |
| 197 | |
| 198 | closedir(ROOT); |
| 199 | |
| 200 | print " </ul>\n"; |
| 201 | print " </body>\n"; |
| 202 | print "</html>\n"; |
| 203 | |
| 204 | __END__ |
| 205 | }}} |
| 206 | |
| 207 | Here you are ! Don't forget to ''chown'' these files to {{{www-data}}}, and it should work ! |
| 208 | |