wiki:HttpAuthPlugin

Force HTTP authentication from within Trac

Description

This plugin allows you to protect certain paths with HTTP authentication. The AccountManagerPlugin is used to check passwords.

Primarily this is meant to be used with the XmlRpcPlugin, so it will work while using AccountManager's form-based logins.

Bugs/Feature Requests

Existing bugs and feature requests for HttpAuthPlugin are here.

If you have any issues, create a new ticket.

defect

8 / 13

enhancement

0 / 3

task

1 / 1

Download

Download the zipped source from here.

There is also a version on PyPi.

Source

You can check out HttpAuthPlugin from here using Subversion, or browse the source with Trac. The 0.10 version also works with Trac 0.11.2.1 release, at least with mod_python.

Installation

General instructions on installing Trac plugins can be found on the TracPlugins page.

To enable the plugin:

[components]
httpauth.* = enabled

Configuration

The following are configuration examples for usage of this plugin, by making the indicated changes to your trac.ini file. To add additional paths:

[httpauth]
paths = /xmlrpc, /login/xmlrpc

To add additional formats, such as RSS:

[httpauth]
formats = rss

Troubleshooting

Authentication issues while using Trac with mod_wsgi

Symptom

HTTP authentication just does not want to work. The Authorization header is passed with the HTTP request, but it seems to be lost on the way.

If you set the loglevel to INFO, then you will get this entry in your trac.log:

Trac[filter] INFO: HTTPAuthFilter: No/bad authentication data given, returing 403

See ticket #1169.

Cause

If you're using mod_wsgi, authorization information is stripped before passing to the WSGI application.

Solution

Turn WSGIPassAuthorization On in your Apache configuration for it to work.

See also ConfigurationDirectives.

Recent Changes

12656 by txcraig on 2013-02-24 14:55:10
#10881 Added maintainer and maintainer_email setting after adopting HttpAuthPlugin
12394 by jun66j5 on 2012-11-29 18:26:08
Fixed broken communication between client on tracd using HTTP/1.1 if sending 401 Unauthorized. Sends Connection: close header in this case.

Closes #8558.

6675 by pacopablo on 2009-10-11 05:07:19
Set Content-Length header. Needed for API change in 0.12.
See http://trac.edgewall.org/wiki/TracDev/ApiChanges/0.12?version=8#tracdandHTTP1.1

While not strictly necessary for anything prior to trunk, the change is
still worth while.

(more)

Author/Contributors

Author: coderanger
Maintainer: txcraig
Contributors: pacopablo

Last modified 6 months ago Last modified on Jan 17, 2016, 4:09:47 PM