On Thu, Jan 28, 2010 at 3:33 AM, Cooke, Mark <[email protected]> wrote: > Hello list, > > I am currently trying to "properly" implement Trac which I have been > championing using tracd from my desktop. I now have a windoze server > and want to authenticate against Active Directory. My current plan is > to use apache and mod_authnz_ldap
+1 > What I am not sure about is: can I remove the need to re-authenticate > into Trac after passing the apache LDAP authentication gauntlet. > ~ can Trac pick up the user credentials from apache? You shouldn't need to re-authenticate. When you login (Basic | Digest auth isn'it ?). When users type the passw in the auth dialog box Apache (i.e. mod_authnz_ldap ) provides the user > ~ even better, can Trac get the user's email address from AD? > Using the right plugin, yes. > I have had a look at Trac-hacks and e.g. LdapPlugin but I don't want to > use LDAP groups for authorisation as my company IT structure would make > that way too much work, especially for the handful of active users that > would need more than default rights. > You can disable the component implementing LDAP groups, and that's it ! > I would have thought this a reasonably common use case so can anyone > point me at the right documentation for setting this up properly? > I mentioned one some time ago, and that question is very frequent in this list so I think something can be found provided that archive is working ok ;o) -- Regards, Olemis. Blog ES: http://simelo-es.blogspot.com/ Blog EN: http://simelo-en.blogspot.com/ Featured article: Mapping `ResourceNotFound`exception to `invalid_request` GViz response - http://simelo.hg.sourceforge.net/hgweb/simelo/trac-gviz/rev/114c0de27077 -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/trac-users?hl=en.
