I'll post my configuration, it works perfectly fine: httpd-ssl.conf:
Listen *:443 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl SSLPassPhraseDialog builtin SSLSessionCache "shmcb:/etc/httpd/logs/ssl_scache(512000)" SSLSessionCacheTimeout 300 SSLMutex "file:/etc/httpd/logs/ssl_mutex" NameVirtualHost *:443 <VirtualHost *:443> # General setup for the virtual host DocumentRoot "/home/data/trac" ServerName <your-server> ServerAdmin adm...@evidian.de ErrorLog "/etc/httpd/logs/error_log" TransferLog "/etc/httpd/logs/access_log" <Location "/"> AuthBasicProvider ldap AuthType Basic AuthzLDAPAuthoritative off AuthName "Login" AuthLDAPURL "ldap://<LDAP-IP>:389/OU=Where-your-users- are,DC=your,DC=server,DC=org?sAMAccountName?sub?(objectClass=*)" NONE AuthLDAPBindDN "CN=USER_THAT_HAS_READ_ACCESS,CN=WHERE_IT_AT,DC=your,DC=server,DC=org" AuthLDAPBindPassword "Password" require valid-user SetHandler mod_python PythonInterpreter main_interpreter PythonHandler trac.web.modpython_frontend PythonOption PYTHON_EGG_CACHE /tmp/python_egg_cache PythonOption TracEnvParentDir /home/data/trac/ PythonOption TracUriRoot / </Location> <Directory "/"> Options FollowSymLinks ExecCGI Indexes Includes Order Allow,Deny Allow from All AllowOverride None </Directory> SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW: +SSLv2:+EXP:+eNULL SSLCertificateFile "/etc/httpd/conf/KEY.crt" SSLCertificateKeyFile "/etc/httpd/conf/KEY.key" SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "/etc/httpd/cgi-bin"> SSLOptions +StdEnvVars </Directory> BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog "/etc/httpd/logs/ssl_request_log" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> On 6 Sep., 20:28, Noah Kantrowitz <n...@coderanger.net> wrote: > On Sep 6, 2010, at 7:34 AM, Jon Hadley wrote: > > >> You cannot proxy HTTP auth like that. It is an internal thing > >> within the web > >> server. You either need to run the Trac on Apache, or let tracd do > >> the > >> authentication (via AccountManager+LDAPAuth). > > > The various AccountManager LDAP plugins appear to be a mess. Does > > anyone have a working Apache + LDAP + Trac configuration I could crib > > from? Even a 'Trac on Apache' setup (WSGI?) would be a good start. > > What do you mean "various"? Is there anything other > thanhttp://pypi.python.org/pypi/TracLDAPAuth? > There is an example config in there that works just fine for me. > > --Noah -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To post to this group, send email to trac-us...@googlegroups.com. To unsubscribe from this group, send email to trac-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/trac-users?hl=en.