Changes between Version 9 and Version 10 of DirectoryAuthPlugin
- Timestamp:
- Mar 22, 2015, 7:51:03 AM (9 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
DirectoryAuthPlugin
v9 v10 1 1 [[PageOutline(2-5,Contents,pullout)]] 2 = Directory Auth Plugin =2 = Directory Auth Plugin 3 3 4 '''NOTE:''' Major changes from 0.3 5 - renamed to DirectoryAuthPlugin 6 - conf variables are renamed for standardization 7 - now more directory type agnostic 8 9 == Description == 4 == Description 10 5 11 6 The Directory Auth Plugin is a password store for the AccountManagerPlugin that provides authentication and groups from [http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol Lightweight Directory Access Protocol (LDAP)] enabled service including [http://www.openldap.org OpenLdap], [http://en.wikipedia.org/wiki/Active_Directory ActiveDirectory] and [http://en.wikipedia.org/wiki/Apple_Open_Directory OpenDirectory]. … … 13 8 Users are authenticated by performing an ldap_bind against a directory using their credentials. The plugin will also pull the email address and displayName from Directory and populate the `session_attribute` table. See [http://pacopablo.com/blog/pacopablo/blog/set-assign-to-drop-down Populating ''Assign To'' Drop Down in Trac] for more information on why. 14 9 15 This plugin was built upon the excellent ActiveDirectoryAuthPlugin by pacopablo .. much thanks for the original! 16 17 == Features == 10 == Features 18 11 - Can use a service account to do lookups, or anonymous binding 19 12 - Can use SSL if openssl is configured correctly ( I am working on some documentation for this ) … … 27 20 See: [DirectoryAuthPlugin/TheoryOfOperation TheoryOfOperation] 28 21 29 30 == Bugs/Feature Requests == 22 == Bugs/Feature Requests 31 23 32 24 Existing bugs and feature requests for DirectoryAuthPlugin are … … 36 28 [http://trac-hacks.org/newticket?component=DirectoryAuthPlugin&owner=sandinak new ticket]. 37 29 38 == Download ==30 == Download 39 31 40 32 Download the zipped source from [download:directoryauthplugin here] 41 33 42 == Source ==34 == Source 43 35 44 36 You can check out DirectoryAuthPlugin from [http://trac-hacks.org/svn/directoryauthplugin here] using Subversion, or [source:directoryauthplugin browse the source] with Trac. 45 37 46 == Install ==38 == Install 47 39 48 ==== Prerequisites ====40 ==== Prerequisites 49 41 50 42 - You must install AccountManagerPlugin in order to use this plugin. … … 52 44 - for SSL, you will have to install and configure OpenSSL to work with valid certificates. ( you can test using ldapsearch -Z ) 53 45 54 ==== Installation ====46 ==== Installation 55 47 56 48 Follow the Trac documentation on how [http://trac.edgewall.org/search?q=TracPlugins to install Trac plugins] … … 59 51 1. install the plugin and it's prerequisites 60 52 1. update the database 61 {{{ 62 #!sh 53 {{{#!sh 63 54 trac-admin /var/trac/instance upgrade 64 55 }}} … … 67 58 See [DirectoryAuthPlugin/ConfigurationExamples ConfigurationExamples] 68 59 69 == Common Errors ==60 == Common Errors 70 61 - When using SSL, the server won't authenticate. Make sure you can use ldapsearch -Z with the same parameters from the same host, and resolve the issues there. A handy way to do that is use: 71 62 {{{ … … 76 67 - If you see Trac throwing an exception similar to "OPERATIONS_ERROR: In order to perform this operation a successful bind must be completed on the connection" when you know the bind user/pass is correct you will want to try connection to active directory on port 3268. This may happen when AD is running across multiple machines. 77 68 78 == Recent Changes ==69 == Recent Changes 79 70 80 71 [[ChangeLog(directoryauthplugin, 3)]] 81 72 82 == Author/Contributors ==73 == Author/Contributors 83 74 84 75 '''Author:''' [wiki:pacopablo] [[BR]] 85 '''Maintainer:''' sandinak[[BR]]86 '''Contributors:''' 76 '''Maintainer:''' rjollos [[BR]] 77 '''Contributors:''' sandinak