Hi, I am not familiar with SAML and mod_auth_mellon, but I think the configuration is incorrect.
HttpAuthStore is unable to use with SAML. It is to delegate the configured URL with HTTP Basic or Digest authentication. Also, I think AccountManagerPlugin is not needed for Trac with mod_auth_mellon. > <Location /authFile> > AuthType Mellon > MellonEnable auth > Require valid-user > </Location> Change to: <Location /login> AuthType Mellon MellonEnable auth # Trac uses REMOTE_USER variable to authenticate the user MellonSetEnvNoPrefix REMOTE_USER NAME_ID Require valid-user </Location> > [components] > trac.web.auth.loginmodule = disabled > acct_mgr.admin.* = enabled > ... Next, uninstall AccountManagerPlguin, and remove "trac.web.auth.loginmodule" and all "acct_mgr.*" from the [components] section. Finally, restart Apache and try to click "login" in the menu. On 2025/01/13 14:13, Adrian Bradd wrote: > Hi all, > > I've got an Apache reverse proxy that I'm trying to use with mod_auth_mellon > to authenticate users on our trac instance using HttpAuthStore. > AccountManager is v0.6 (installed using "pip install TracAccountManager"). > Trac is version 1.6. I'm able to get HtDigestStore to work fine, but > everytime I try to use HttpAuthStore the page returns an error: "No handler > matched request to /authFile" > > I have the LogLevel set to DEBUG. But I see nothing in the logs. > > I have MellonDiagnostics enabled. It seems to be working as expected. > > tracd is running inside a container using the "--single-env" with the project > url at root. > > My trac config for AccountManager with HttpAuthStore: > > [components] > trac.web.auth.loginmodule = disabled > acct_mgr.admin.* = enabled > acct_mgr.api.* = enabled > acct_mgr.http.* = enabled > acct_mgr.web_ui.* = enabled > acct_mgr.web_ui.resetpwstore = disabled > acct_mgr.db.sessionstore = disabled > acct_mgr.htfile.htdigeststore = disabled > acct_mgr.htfile.htpasswdstore = disabled > acct_mgr.notification.* = disabled > acct_mgr.pwhash.* = disabled > acct_mgr.register.* = disabled > acct_mgr.svnserve.svnservepasswordstore = disabled > > [account-manager] > password_store = HttpAuthStore > authentication_url = /authFile > > I've tried with both acct_mgr.web_ui.* enabled and disabled as I'm not sure > if it is required. It made no difference in my testing. > > My config for Apache uses a virtual host : > > <Location /authFile> > AuthType Mellon > MellonEnable auth > Require valid-user > </Location> > > I've left out the configuration for <Location /> where i set the other Mellon > config such as metadata. I can add if anyone thinks it could be relevant. > > When I navigate to https://trac_site.com/authFile the browser goes through > the SAML login process and returns to https://trac_site.com/authFile only to > have the above-mentioned error reported: "No handler matched request to > /authFile" > > Any idea what I am missing? > > Cheers, > > Adrian > > > > > > > > > -- > You received this message because you are subscribed to the Google Groups > "Trac Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to trac-users+unsubscr...@googlegroups.com > <mailto:trac-users+unsubscr...@googlegroups.com>. > To view this discussion visit > https://groups.google.com/d/msgid/trac-users/e16deb88-2386-4a0e-9f32-e09d41480857n%40googlegroups.com > > <https://groups.google.com/d/msgid/trac-users/e16deb88-2386-4a0e-9f32-e09d41480857n%40googlegroups.com?utm_medium=email&utm_source=footer>. -- Jun Omae <jun6...@gmail.com> (大前 潤) -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/trac-users/5cf7b765-f8f9-493c-962d-3e8169cfdaf9%40gmail.com.
