[EMAIL PROTECTED] kirjoitti: > Jani, thanks that seems to be exactly what I want with one tiny > problem. > > It automatically logs me in as 'localguest' which I've deduced is the > account Apache is running under in Windows.
Actually... Not really.. :) It's lowest credetials it could authenticate you. > Does apache need to be running under a user account in the same domain > as the users I want to authenticate? I assume so, but I've been > unable to find anywhere that explicitly states that. And > unfortunately, I can't put this machine on the domain to easily test > that theory - IT has strict control over that. No but it must be in trusted domain list and contain valid domain user, otherwise it can't connect to AD. Bitchy thingy I found out by experience. > The documentation with mod_auth_sspi states: > > "If you plan to use Basic authentication, set the Apache service to > run as > a valid local or domain user. Failure to do so will result in clients > getting > 400 Bad Request or 500 Internal Server Error responses. " > > So that leads me to believe that my assumption is correct, but > verification from someone else would be nice before I start harassing > IT about putting this machine in the proper domain. Yep, that's the case. I can check settings from my work server "tomorrow".. :) But IIRC I have setup special "www" (or linux like "www-data") domain user that has only access to trac and svn directories. Makes me feel more "secure". Then I've setup as docs say - except IIRC there is/was bug in some versions of mod_sspi that affected IE7 and some pages (like new ticket) failed with "token not found" or similiar error from Trac. -- Jani Tiainen --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Trac Users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/trac-users?hl=en -~----------~----~----~----~------~----~------~--~---
