Version 2 (modified by rupert thurner, 11 years ago) (diff)


Force HTTP authentication from within Trac


Allows you to protect certain paths with HTTP authentication. The AccountManagerPlugin is used to check passwords.

Primarily this is meant to be used with the XmlRpcPlugin so it will work while using AccountManager's form-based logins.

Bugs/Feature Requests

Existing bugs and feature requests for HttpAuthPlugin are here.

If you have any issues, create a new ticket.


Download the zipped source from [download:httpauthplugin here].


You can check out HttpAuthPlugin from here using Subversion, or browse the source with Trac.


To enable:

httpauth.* = enabled

To add additional paths:

paths = /xmlrpc, /login/xmlrpc

Recent Changes

16759 by rjollos on 2017-08-25 18:53:03
TracHTTPAuth 1.2: Run autopep8 on codebase
12656 by txcraig on 2013-02-24 13:55:10
#10881 Added maintainer and maintainer_email setting after adopting HttpAuthPlugin
12394 by jun66j5 on 2012-11-29 17:26:08
Fixed broken communication between client on tracd using HTTP/1.1 if sending 401 Unauthorized. Sends Connection: close header in this case.

Closes #8558.



Author: coderanger