Changes between Version 88 and Version 89 of TracStandalone
- Timestamp:
- Jan 13, 2011, 9:08:40 PM (13 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
TracStandalone
v88 v89 87 87 == Using Authentication == 88 88 89 Tracd provides support for both Basic and Digest authentication. The default is to use Digest; to use Basic authentication, replace `--auth` with `--basic-auth` in the examples below. (You must still specify a dialogic "realm", which can be an empty string by trailing the BASICAUTH with a comma.) 90 89 Tracd provides support for both Basic and Digest authentication. Digest is considered more secure. The examples below use Digest; to use Basic authentication, replace `--auth` with `--basic-auth` in the command line. 91 90 92 91 The general format for using authentication is: … … 94 93 $ tracd -p port --auth="base_project_dir,password_file_path,realm" project_path 95 94 }}} 96 97 95 where: 98 99 96 * '''base_project_dir''': the base directory of the project specified as follows: 100 97 * when serving multiple projects: ''relative'' to the `project_path` … … 104 101 * '''realm''': the realm name (can be anything) 105 102 * '''project_path''': path of the project 106 * **`--auth`** in the above means use Digest authentication, replace `--auth` with `--basic-auth` if you want to use Basic auth 103 104 * **`--auth`** in the above means use Digest authentication, replace `--auth` with `--basic-auth` if you want to use Basic auth. Although Basic authentication does not require a "realm", the command parser does, so the second comma is required, followed directly by the closing quote for an empty realm name. 107 105 108 106 Examples: … … 128 126 }}} 129 127 130 === Using a htpasswd password file ===128 === Basic Authorization: Using a htpasswd password file === 131 129 This section describes how to use `tracd` with Apache .htpasswd files. 132 130 133 131 To create a .htpasswd file use Apache's `htpasswd` command (see [#GeneratingPasswordsWithoutApache below] for a method to create these files without using Apache): 134 135 132 {{{ 136 133 $ sudo htpasswd -c /path/to/env/.htpasswd username … … 142 139 143 140 Then to start `tracd` run something like this: 144 145 141 {{{ 146 142 $ tracd -p 8080 --basic-auth="projectdirname,/fullpath/environmentname/.htpasswd,realmname" /fullpath/environmentname … … 148 144 149 145 For example: 150 151 146 {{{ 152 147 $ tracd -p 8080 --basic-auth="testenv,/srv/tracenv/testenv/.htpasswd,My Test Env" /srv/tracenv/testenv 153 148 }}} 154 155 149 ''Note:'' You might need to pass "-m" as a parameter to htpasswd on some platforms (OpenBSD). 156 150 157 === Using a htdigest password file ===151 === Digest authentication: Using a htdigest password file === 158 152 159 153 If you have Apache available, you can use the htdigest command to generate the password file. Type 'htdigest' to get some usage instructions, or read [http://httpd.apache.org/docs/2.0/programs/htdigest.html this page] from the Apache manual to get precise instructions. You'll be prompted for a password to enter for each user that you create. For the name of the password file, you can use whatever you like, but if you use something like `users.htdigest` it will remind you what the file contains. As a suggestion, put it in your <projectname>/conf folder along with the [TracIni trac.ini] file. … … 163 157 === Generating Passwords Without Apache === 164 158 165 If you don't have Apache available, you can use this simple Python script to generate your passwords: 159 Basic Authorization can be accomplished via this [http://www.4webhelp.net/us/password.php online HTTP Password generator]. Copy the generated password-hash line to the .htpasswd file on your system. 160 161 You can use this simple Python script to generate a '''digest''' password file: 166 162 167 163 {{{ … … 197 193 }}} 198 194 199 Note: If you use the above script you must use the --auth option to tracd, not --basic-auth, and you must set the realm in the --auth value to 'trac' (without the quotes). Example usage (assuming you saved the script as trac-digest.py):195 Note: If you use the above script you must set the realm in the `--auth` argument to '''`trac`'''. Example usage (assuming you saved the script as trac-digest.py): 200 196 201 197 {{{ … … 204 200 }}} 205 201 206 207 Note: If you would like to use --basic-auth you need to use htpasswd tool from apache server to generate .htpasswd file. The remaining part is similar but make sure to use empty realm (i.e. coma after path). Make sure to use -m option for it. If you do not have Apache, [trac:source:/tags/trac-0.11/contrib/htpasswd.py htpasswd.py] may help. (Note that it requires a `crypt` or `fcrypt` module; see the source comments for details.) 208 209 It is possible to use md5sum utility to generate digest-password file using such method: 202 ==== Using `md5sum` 203 It is possible to use `md5sum` utility to generate digest-password file: 210 204 {{{ 211 205 $ printf "${user}:trac:${password}" | md5sum - >>user.htdigest