I am using Trac on a Mac with Tiger server for authentication. It
would be GREAT to tie TRAC authentication to use LDAP. Any chance
you allow the LDAP server to provide back which priviledges for each
group or each user?
Thanks,
Charlie
On Nov 15, 2006, at 11:05 AM, Jesus Climent wrote:
> Hi, list.
>
> We are trying to integrate trac with LDAP for accessing the
> environments.
>
> We have succeded using LDAP groups for accessing SVN (using a
> custom apache
> module instead of svn Authz file) and we want to use the same
> approach for the
> browser to access them through Trac.
>
> The problem we face right now is that the integrated browser uses
> the authz
> file for getting both the users and the groups (along with the
> paths) and we
> cannot define those groups under LDAP and feed them to the trac
> browser.
>
> I will try to explain it on a diagram:
>
> This file used to contain the group @group
> +---------------+
> | authz.txt |
> +---------------+
> | [svn:path] |<------> SVN <------> [LDAP: @group::members]
> | @group = rw | ^ ^
> | ... | | |
> +---------------+ (Browser) |
> ^ | |
> +---------------> Trac <---------
>
> However, Trac cannot retrieve the groups from LDAP, and uses the
> one defined
> in the authz.txt
>
> One of my workmates posted some patch with an initial idea on how
> to move to
> LDAP groups, but he said his understanding of the issue is very
> limited, and i
> am not myself any good with python.
>
> The patch is attached, and I would like to know if it is possible
> to get the
> idea developed so that it could be integrated under trac proper.
>
> Thanks,
> --
> Jesus Climent info:pumuki.org dj:triplestereo.com
> Unix SysAdm|Linux User #66350|Debian Developer|2.6.18|Helsinki Finland
> GPG: 1024D/86946D69 BB64 2339 1CAA 7064 E429 7E18 66FC 1D7F 8694 6D69
>
> You're just jealous because I'm a real freak and you have to wear a
> mask.
> --Penguin (Batman Returns)
>
>
> > Index: trac/versioncontrol/svn_authz.py
> ===================================================================
> --- trac/versioncontrol/svn_authz.py (revision 4001)
> +++ trac/versioncontrol/svn_authz.py (working copy)
> @@ -16,7 +16,7 @@
> # Author: Francois Harvey <[EMAIL PROTECTED]>
> # Matthew Good <[EMAIL PROTECTED]>
>
> -from trac.config import Option
> +from trac.config import Option, BoolOption
> from trac.core import *
> from trac.versioncontrol import Authorizer
>
> @@ -31,15 +31,19 @@
> authz_module_name = Option('trac', 'authz_module_name', '',
> """The module prefix used in the authz_file.""")
>
> + authz_use_trac_groups = BoolOption('trac',
> 'authz_use_trac_groups', 'false',
> + """...""")
>
> +
> def SubversionAuthorizer(env, authname):
> authz_file = env.config.get('trac', 'authz_file')
> if not authz_file:
> return Authorizer()
>
> module_name = env.config.get('trac', 'authz_module_name')
> + use_trac_groups = env.config.getbool('trac',
> 'authz_use_trac_groups')
> db = env.get_db_cnx()
> - return RealSubversionAuthorizer(db, authname, module_name,
> authz_file)
> + return RealSubversionAuthorizer(db, authname, module_name,
> authz_file, use_trac_groups)
>
> def parent_iter(path):
> path = path.strip('/')
> @@ -64,10 +68,11 @@
> module_name = ''
> conf_authz = None
>
> - def __init__(self, db, auth_name, module_name, cfg_file,
> cfg_fp=None):
> + def __init__(self, db, auth_name, module_name, cfg_file,
> use_trac_groups, cfg_fp=None):
> self.db = db
> self.auth_name = auth_name
> self.module_name = module_name
> + self.use_trac_groups = use_trac_groups
>
> from ConfigParser import ConfigParser
> self.conf_authz = ConfigParser()
Charles Woloszynski
Innovative Concepts, Inc.
Sr. Director, Advanced Networking Systems
[EMAIL PROTECTED]
(703) 893-2007 x506
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Trac Development" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/trac-dev?hl=en
-~----------~----~----~----~------~----~------~--~---
