Rainer Sokoll kirjoitti:
On Wed, Aug 30, 2006 at 04:19:17AM -0400, Raz Goren wrote:
Currently an anonymous user or a logged in user can change things in our
trac system or open tickets .
How do I prevent users that are not logged in from adding or changing
pages .
This is apache's task (assumed you use apache).
For instance, I use mod_auth_ldap for authentication and have a "require
valid-user" in the appropriate location container in httpd.conf.
Actually it isn't directly resposibility of task of external
authentication (like apache). (Depending on case)
What here needs to be done is revoke modify/add rights from "anonymous"
user in Trac (by using tracadmin). Then anonymous is still able to
browse but not change (I'm using this kind of an approach in our company
server, anyone can browse, but only logged in can change)
If you need authentication always (anonymous can't even browse) easiest
way is to setup authentication required for whole Trac site by using
HTTP-server in question.
--
Jani Tiainen
_______________________________________________
Trac mailing list
Trac@lists.edgewall.com
http://lists.edgewall.com/mailman/listinfo/trac
