Force HTTP authentication from within Trac
Allows you to protect certain paths with HTTP authentication. The AccountManagerPlugin is used to check passwords.
Primarily this is meant to be used with the XmlRpcPlugin so it will work while using AccountManager's form-based logins.
If you have any issues, create a new ticket.
Download the zipped source from here.
[components] httpauth.* = enabled
To add additional paths:
[httpauth] paths = /xmlrpc, /login/xmlrpc
To add additional formats, like rss use this:
[httpauth] formats = rss
Authentication issues while using Trac with mod_wsgi
HTTP authentication just does not want to work. The Authorization header is passed with the HTTP request, but it seems to be lost on the way.
If you set the loglevel to INFO, then you will get this entry in your trac.log:
Trac[filter] INFO: HTTPAuthFilter: No/bad authentication data given, returing 403
It is already in Ticket #1169. I've quoted it here, since the solution is hard to find otherwise.
If you're using mod_wsgi, authorization information is stripped before passing to the WSGI application.
Turn WSGIPassAuthorization On in your Apache configuration for it to work.
See also ConfigurationDirectives
Fixed broken communication between client on tracd using HTTP/1.1 if sending 401 Unauthorized. Sends Connection: close header in this case.
Set Content-Length header. Needed for API change in 0.12. See http://trac.edgewall.org/wiki/TracDev/ApiChanges/0.12?version=8#tracdandHTTP1.1
While not strictly necessary for anything prior to trunk, the change is still worth while.
Set the REMOTE_USER. Not strictly necessary, but should be done. Helps in cases with multiple LoginModule? objects being used elsewhere