Force HTTP authentication from within Trac

Description

Allows you to protect certain paths with HTTP authentication. The AccountManagerPlugin is used to check passwords.

Primarily this is meant to be used with the XmlRpcPlugin so it will work while using AccountManager's form-based logins.

Bugs/Feature Requests

Existing bugs and feature requests for HttpAuthPlugin are here.

If you have any issues, create a ​new ticket.

Download

Download the zipped source from [download:httpauthplugin here].

Source

You can check out HttpAuthPlugin from ​here using Subversion, or browse the source​ with Trac. The version in 0.10 is also working with 0.11.2.1 release, at least with mod_python.

Example

To enable:

[components]
httpauth.* = enabled

To add additional paths:

[httpauth]
paths = /xmlrpc, /login/xmlrpc

To add additional formats, like rss use this:

[httpauth]
formats = rss

Troubleshooting

Authentication issues while using Trac with mod_wsgi

Symptom

HTTP authentication just does not want to work. The Authorization header is passed with the HTTP request, but is seems to be lost on the way.

If you set the loglevel to INFO, then you will get this entry in your trac.log:

Trac[filter] INFO: HTTPAuthFilter: No/bad authentication data given, returing 403

It is already in Ticket #1169. I've quoted it here, since the solution is hard to find otherwise.

Cause

If you're using mod_wsgi, authorization information is stripped before passing to the WSGI application.

Solution

Turn WSGIPassAuthorization On in your Apache configuration for it to work.

See also ​ConfigurationDirectives

Recent Changes

18631 by jun66j5 on 2024-04-11 01:31:33

TracHTTPAuth: allow to configure HTTP authentication realm

18630 by jun66j5 on 2024-04-09 21:45:16

TracHTTPAuth: fix exception raising if colons are used in password

18629 by jun66j5 on 2024-04-09 17:53:55

TracHTTPAuth: make compatible with Python 3 and Trac 1.6 (closes #14250)

(more)

Author/Contributors

Author: coderanger
Contributors: