Changes between Version 7 and Version 8 of LDAPAuthPlugin


Ignore:
Timestamp:
Jul 7, 2013 4:37:17 PM (15 months ago)
Author:
papagr
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • LDAPAuthPlugin

    v7 v8  
     1= TracLDAPAuth Installation & Configuration = 
     2 
    13''see also TracLdapAuthPlugin'' 
    24 
    3 I'm not the developer or maintainer of the LDAPAuthPlugin, and this 
    4 is not a real reference; just some quick notes on using LDAPAuthPlugin  
    5 with a standalone tracd: 
     5== Installation == 
    66 
    7 Prerequisites: 
     7 * install [http://python-ldap.org/ python-ldap] 
     8 * install AccountManager plugin 
     9 * install TracLdapAuthPlugin plugin 
    810 
    9  * install python-ldap 
    10  * install AccountManager plugin 
    11  * install LDAPAuth plugin [http://pypi.python.org/pypi/TracLDAPAuth/] 
     11== Configuration Options == 
    1212 
    13 I'm using tracd to serve multiple projects, and have a global trac.ini:  
     13`host_url` 
     14   
     15  Server URL to use for LDAP authentication. e.g.: 
     16  {{{ 
     17  ldap://ldap.example.com 
     18  ldaps://ldap.example.com 
     19  }}} 
     20 
     21`base_dn` 
     22  The user base DN when searching for users 
     23 
     24`bind_user` 
     25  LDAP user for searching 
     26 
     27`bind_password` 
     28  LDAP user password 
     29 
     30`search_scope` 
     31  The ldap search scope: base, onelevel or subtree 
     32 
     33`search_filter` 
     34  The ldap search filter template where %s is replaced with the username 
     35 
     36== Example TracIni configuration == 
    1437 
    1538{{{ 
    1639[ldap] 
    17 bind_dn =<bind DN> 
    18 ;e.g. bind_dn = uid=%s,ou=people,dc=foo,dc=bar,dc=moo 
     40host_url = ldap://ldap.example.com 
     41base_dn = OU=Users,DC=example,DC=com 
     42bind_user = ldap@example.com 
     43bind_password = your_secret_password_here 
     44search_scope = subtree 
     45search_filter = (&(objectClass=user)(sAMAccountName=%s)) 
    1946 
    20 host_url = <ldap server address> 
     47[account-manager] 
     48password_store = LDAPStore 
    2149 
    2250[components] 
    23 trac.web.auth.LoginModule = disabled 
    24   
    25 acct_mgr.admin.accountmanageradminpage = enabled 
    26 acct_mgr.api.accountmanager = enabled 
    27 acct_mgr.web_ui.LoginModule = enabled 
    28   
    29 ; be sure to enable the component 
    30 ldapauth.store.LDAPStore = enabled 
    31   
    32 [account-manager] 
    33 ; configure the plugin to store passwords in the htdigest format: 
    34 password_store = LDAPStore 
    35  
     51ldapauth.* = enabled 
    3652}}} 
    3753 
    38 This global trac.ini then gets inherited by each trac projects' trac.ini: 
     54== A Better Ldap Solution == 
    3955 
    40   
    41 {{{ 
    42 # -*- coding: utf-8 -*- 
    43    
    44 [inherit] 
    45 file = /my/path/to/trac_projects/trac.ini 
    46  
    47 ... 
    48 }}} 
    49  
    50  
    51 Start tracd like this: 
    52  
    53 {{{ 
    54 tracd -p 80 -e /my/path/to/trac_projects 
    55 }}} 
    56  
    57 If you are using [trachacks:TracForgePlugin TracForge] to get some multi-project support (single sign-on etc.) you 
    58 might rather want to start like this, so only the master project shows up on the standard 
    59 projects list page: 
    60  
    61 {{{ 
    62 tracd -p 80 /my/path/to/trac_projects/my_master_project 
    63 }}} 
    64  
    65  
    66 == A Better Ldap Solution == 
    6756This plugin doesn't support user listing, changing password, registration or non-simple binding. 
    6857