Derek Diget wrote:
I am working on an fresh 0.11rc1 install that we want to integrate with our LDAP environment and being a trac newbie I have read several of the account/LDAP plug-ins and I am not sure what combination we want to use. Would this list be so nice and help me start on the correct foot and path? :)Quest: 1) To not use HTTP BasicAuth authentication: Use "Account Manager Plug-in" <//trac-hacks.org/wiki/AccountManagerPlugin> Correct? 2) Authenticate users to our LDAP via AccountManagerPlugin's login page: We don't want any "passwords" stored/cached within trac Use what plug-in or combination?
http://pypi.python.org/pypi/TracLDAPAuth
Potential points of interest....
- We want user's "Full Name" and "Email Address" to be sync'd
with their displayName and mail attribute in LDAP as well as
being read-only within trac. (LDAP is the authoritative data
source for those two pieces of information and thus should
not be able to be modified within trac.) I think that we can
go grab that information with the LdapSessionSettingsPatch,
but how can we lock it down?
This is currently annoying, but one of the openmoko guys has a nice snippet to put in site.html to disable those two settings.
- Initially for our proof of concept installation we will want
to store group information within trac, but eventually we
will probably want to also get this information from LDAP.
LdapPlugin handles this I think. --Noah
signature.asc
Description: OpenPGP digital signature
