Hi everyone, I'm revamping our trac setups, and there is something we would like to be able to do, but I'm not sure it's possible or what would need changing to make it possible.
Our previous setup used htpasswd files everywhere, one per project. Currently, I have set things up so that all our tracs use Apache authentication, which then uses LDAP. This setup now works fine. Here's what we would like to do somehow: 1) by default, login authenticates against LDAP. (We use LDAP/SSL and non-anonymous binds) 2) if ldap says no, I'd like to use the openid plugin and allow people to authenticate themselves that way. 3) if this says no, I'd like people to be able to create an account and log in with that; this account can then be used on all of our tracs at once. The reason for this is simple - we want to make it single-sign-on for our employees/contacts, single-sign-on using a standard system (openid) to make the barrier for entry less, and make it easy for people to register when openid is too new/hard for them. >From some browsing and experimenting, it seems that: - the account manager plugin would let me do 1) or 2), but not the combination - the openid plugin lets me do 3), but does not work with 1) and 2) at the same time. Is this correct, or am I missing something ? Is there any kind of workaround, like, say, have /login for web-based auth, /loginopenid for the openid plugin, and /loginhtp for htpassword login ? If this is not possible, what would need to be done ? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Trac Users" group. To post to this group, send email to trac-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/trac-users?hl=en -~----------~----~----~----~------~----~------~--~---
