Hi Ryan,
thanks again for the quick reply.
I think, the 'proxy_pass_header Authorization' directive is only necessary,
when trac should handle authentication. Cf.
https://en.wikipedia.org/wiki/Basic_access_authentication#Client_side
In my setting, I want nginx to handle (not pass) this authorization header.
Just to be sure, I tried with 'proxy_pass_header Authorization' as well,
but this does not change anything.
Is there some place, where I can patch the ''environ['REMOTE_USER'] =
environ['HTTP_REMOTE_USER']" line?
I'm new to python, so any directions would speed up my attempts.
I'm happy to help setting up some useful description for Trac with
nginx, once this works out.
Not that I'm an nginx expert. Using it for a couple of month now...
Kind regards,
Alex
Am 21.01.2016 um 02:05 schrieb RjOllos:
On Wednesday, January 20, 2016 at 6:51:18 AM UTC-8, deadf00d wrote:
Dear Ryan,
thanks for your quick and detailed reply.
I think I understand the problem and it seems that your analysis
regarding
REMOTE_USER and HTTP_REMOTE_USER is right. Yet, I do not
understand how to fix this.
The TracModWSGI approach seems promising, but as I run tracd, I do
not know
where to add the ''environ['REMOTE_USER'] =
environ['HTTP_REMOTE_USER']" line.
I can't do it in remote-user-auth.py as far as I can see, because
there I have no access to
'environ', right?
My setup is as follows:
Tracd started with "tracd -d -p 8080 --protocol=http -s
/usr/local/trac/myproject".
Nginx conf:
ldap_server myldapserver {
url "ldaps://ldap.mydomain.com:636/...";
binddn "...";
binddn_passwd "...";
connect_timeout 5s;
bind_timeout 5s;
request_timeout 5s;
satisfy any;
}
server {
listen 80;
server_name trac.mydomain.com <http://trac.mydomain.com>;
location / {
proxy_pass http://trac.mydomain.com:8080;
}
location /login {
proxy_pass http://trac.mydomain.com:8080;
auth_ldap "Please enter your credentials for issue tracker";
auth_ldap_servers myldapserver;
proxy_set_header REMOTE_USER $remote_user;
}
}
Any further help will be much appreciated.
Did you try using the directive "proxy_pass_header Authorization;"?
I'm not sure what the function is, but it is used in the authorization
example on the TracNginxRecipe page.
--
You received this message because you are subscribed to the Google
Groups "Trac Users" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to [email protected]
<mailto:[email protected]>.
To post to this group, send email to [email protected]
<mailto:[email protected]>.
Visit this group at https://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
