On Wed, Aug 30, 2006 at 12:38:21PM +0300, Jani Tiainen wrote: > >This is apache's task (assumed you use apache). > >For instance, I use mod_auth_ldap for authentication and have a "require > >valid-user" in the appropriate location container in httpd.conf. > > Actually it isn't directly resposibility of task of external > authentication (like apache). (Depending on case) > > What here needs to be done is revoke modify/add rights from "anonymous" > user in Trac (by using tracadmin). Then anonymous is still able to > browse but not change (I'm using this kind of an approach in our company > server, anyone can browse, but only logged in can change)
Yes, but the term "anonymous" is a little bit confusing. With me (apache forces everyone to authenticate), "anonymous" means "default". If a user is autheticated for example as jtiainen, and there are no special rights defined for jtiainen within trac, then he will granted the permissions for anonymous - even he is jtiainen. In fact, I have no anonymous users. Rainer _______________________________________________ Trac mailing list [email protected] http://lists.edgewall.com/mailman/listinfo/trac
