On Wed, Sep 1, 2010 at 10:24 AM, Jon Hadley <m...@jon-hadley.com> wrote: > I'm trying to set-up Trac to authorise users via the LDAP plugin on a Debian > (Lenny) server. > > LDAP appears to be working correctly, I can query successfully via: > > ldapsearch -vLx -h 127.0.0.1 -b "dc=example, dc=com" "(sn=mysurname)" > > And if i purposely break my Apache LDAP address settings I can see errors in > /var/log/apache2/error.log > > 2010-08-27 17:19:38,909 Trac[api] WARNING: LDAP error: No such object > (dc=examplefoo,dc=com) > > When I visit http://example.com:8022/trac and click the login button the > authentication window pops up, __however__, when I enter a correct > username/password I just get a Trac web page with: > > > Trac Error > Authentication information not available. Please refer to the > installation documentation. > > TracGuide — The Trac User and Administration Guide > > > The logs are equally unhelpful (ignore the svn error, I'm aware of that): > > 2010-09-01 14:25:30,553 Trac[api] DEBUG: NEEDS UP?: sys:False, > rep:False, stats:False, fields:False, man:False > 2010-09-01 14:25:30,577 Trac[env] WARNING: base_url option not set in > configuration, generated links may be incorrect > 2010-09-01 14:25:30,577 Trac[main] DEBUG: Dispatching <Request "GET > u'/login'"> > 2010-09-01 14:25:30,583 Trac[svn_fs] INFO: Failed to load Subversion > bindings > Traceback (most recent call last): > File > "/home/web/example/buildout-cache/eggs/Trac-0.11-py2.6.egg/trac/versioncontrol/svn_fs.py", > line 251, in __init__ > _import_svn() > File > "/home/web/example/buildout-cache/eggs/Trac-0.11-py2.6.egg/trac/versioncontrol/svn_fs.py", > line 69, in _import_svn > from svn import fs, repos, core, delta > ImportError: No module named svn > 2010-09-01 14:25:30,584 Trac[chrome] DEBUG: Prepare chrome data for > request > 2010-09-01 14:25:30,586 Trac[api] DEBUG: action controllers for ticket > workflow: ['ConfigurableTicketWorkflow'] > 2010-09-01 14:25:30,597 Trac[perm] DEBUG: No policy allowed anonymous > performing TICKET_CREATE on None > 2010-09-01 14:25:30,599 Trac[perm] DEBUG: No policy allowed anonymous > performing TRAC_ADMIN on None > 2010-09-01 14:25:30,599 Trac[perm] DEBUG: No policy allowed anonymous > performing PERMISSION_GRANT on None > 2010-09-01 14:25:30,599 Trac[perm] DEBUG: No policy allowed anonymous > performing PERMISSION_REVOKE on None > 2010-09-01 14:25:30,599 Trac[perm] DEBUG: No policy allowed anonymous > performing TICKET_ADMIN on None > 2010-09-01 14:25:30,601 Trac[main] WARNING: 500 Trac Error > (Authentication information not available. Please refer to the <a > href="/trac/wiki/TracInstall#ConfiguringAuthentication" title="Configuring > Authentication">installation documentation</a>.) > 2010-09-01 14:25:30,621 Trac[perm] DEBUG: No policy allowed anonymous > performing EMAIL_VIEW on None > 2010-09-01 14:25:30,621 Trac[session] DEBUG: Retrieving session for ID > '20e2cfb643bff0f9121fe615' > 2010-09-01 14:25:30,641 Trac[tande_filters] DEBUG: > self.billing_reports= set([9, 10, 11, 12, 13, 14, 15, 16, 17]) > 2010-09-01 14:25:30,642 Trac[ticket_webui] DEBUG: TicketWebUiAddon > executing > 2010-09-01 14:25:30,774 Trac[main] DEBUG: 124 unreachable objects > found. > > > My apache set-up is as follows. > > <VirtualHost example.com:8022> > ServerName example.com > ServerAlias example.com > > ProxyRequests Off > <Proxy *> > Order deny,allow > Allow from all > </Proxy> > > ProxyPreserveHost On > RewriteEngine On > RewriteCond %{HTTP:Authorization} ^(.*) > RewriteRule ^/(.*) http://127.0.0.1:8002/$1 [P] > </VirtualHost> > > <Location /trac/login> > AuthType Basic > AuthName "Trac" > AuthBasicProvider ldap > Order Allow,Deny > Allow from All > AuthLDAPURL "ldap://127.0.0.1:389/dc=example,dc=com?uid"; > #should be on if using groups > AuthzLDAPAuthoritative off > Require valid-user > #Require ldap-group cn=tracusers,dc=example,dc=com > </Location> > > The server has a number of other in-development services running, hence the > odd port number. > > For testing I just start the Trac server with: > > bin/tracd --port 8202 parts/trac > > Where am I going wrong? It feels as if the Apache config is as fault, as LDAP > does seem to be working. > > Is that the correct command to be starting the server with (htpasswd for > example has it's own options)? > > In the long run what's the best way to run the server? WSGI? > > Jon > > P.S. Cross posted to Server Fault if you're a member and want the rep: > http://serverfault.com/questions/176949 >
I think you want your location directive in in apache to just be /trac and not /trac/login Also are you using any plugins, that would affect logging in? Such as AccountManger, AcccountLdap, HTTPAuthPlugin. Matt P. -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To post to this group, send email to trac-us...@googlegroups.com. To unsubscribe from this group, send email to trac-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/trac-users?hl=en.
