> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On
> Behalf Of Jan Eberhardt
>
>
> Hello trac-team and/or mailinglist users,
>
> I am using LDAP for authentication and I want to define permissions
> for every single user that logged in via LDAP.
> When I login (LDAP is working), the permissions of the 'authenticated'
> group are matched to the login user (seems right so far), but I also
> did 'trac-admin <env> permission add <username>'. I gave this user
> (matching the LDAP login) higher permissions, but they dont apply.
>
> An example:
> LDAP Login for the user is 'bob', I also create 'trac-admin <env>
> permission add bob TRAC_ADMIN', but when I login as 'bob' I dont see
> the admin-panel.
>
> The 'admin' user works right (authenticated via local htpasswd file),
> but when I want to grant the LDAP users higher rights, it fails.
>
> What goes wrong, where do I fail ?
What messages (if any) do you get in your apache log files?
Can you show us the relevant bits of your apache `conf` file and your wsgi
files?
As a quick suggestion, is this a case issue? I have the following line in my
WSGI file:
# Make sure usernames are lower case...
environ['REMOTE_USER'] = environ['REMOTE_USER'].lower()
...or a domain issue...
# Strip any domain if present
while "\\" in environ['REMOTE_USER']:
environ['REMOTE_USER'] = environ['REMOTE_USER'].split("\\", 1)[1]
Hope that helps,
~ Mark C
> Kind regards
> Eberhardt
>
> --
> Trac-System:
> - Red Hat Linux
> - apache (with mod_wsgi, mod_ldap, mod_authnz_ldap)
> - MySQL
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
