On 11/25/2013 05:29 PM, Stuart Cracraft wrote: > Hi, > > I have direction to: > > 1) use Trac within an SSL-only Apache environment (i.e. > all connections to the box are SSL-only. No non-SSL.) > > 2) use Trac within an LDAP group environment (i.e. only this > group or that group can use Trac to access a given repository.)
Uhm... haven't you been trough this already? You can force everything to ssl by having your default VirtualHost redirect everything to https://yoursslvhost. As for ldap, <LocationMatch /trac/[^/]+/login> Order deny,allow Deny from all Allow from MY_IPs AuthName "Trac" AuthType Basic AuthBasicProvider file ldap AuthUserFile /some/place/.htpasswd AuthLDAPURL "ldap://host/ou=,dc=,..."; AuthzLDAPAuthoritative Off Require valid-user </LocationMatch> works for me. (This has it both ways for outside users who are not in ldap but allowed to use trac.) You'll probably want to "Require ldap-group" or something instead. -- Dimitri Maziuk Programmer/sysadmin BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu
signature.asc
Description: OpenPGP digital signature
