Could you do this with mod_authnz_external?
Trac registration comes with the account manager plugin,
and you can also direct Apache and Trac to use the same
htdigest file, like so (here, I am using Trac's htdigest to
identify users to subversion).
<Location /svn/>
DAV svn
SVNParentPath "/export/home/dc12360/Nobody/Svn"
AuthzSVNAccessFile "/export/home/dc12360/Nobody/Conf/svn.access"
Satisfy Any
Require valid-user
AuthType Digest
AuthName "ProjectFortress"
AuthDigestDomain /svn/
AuthDigestProvider file
AuthUserFile "/export/home/dc12360/Nobody/Conf/users.htdigest"
</Location>
This isn't exactly what I want -- the separation of read/write
permission still occurs in svn.access, which requires separate
modification. I'd like to have some way to consult the Trac groups
and permissions before granting write access (but I am very much
Apache-config-impaired -- for example, I do not know if the order
of the lines in the excerpt above matters, though I suppose it
would be an easy experiment to find out).
This also doesn't solve your problem, because you want to consult
LDAP first. But my suspicion is that the answer might be here,
rather than in Trac.
On 2007-04-27, at 3:00 PM, Thomas Vander Stichele wrote:
> I'm revamping our trac setups, and there is something we would like to
> be able to do, but I'm not sure it's possible or what would need
> changing to make it possible.
>
> Here's what we would like to do somehow:
> 1) by default, login authenticates against LDAP. (We use LDAP/SSL and
> non-anonymous binds)
> 2) if ldap says no, I'd like to use the openid plugin and allow people
> to authenticate themselves that way.
> 3) if this says no, I'd like people to be able to create an account
> and
> log in with that; this account can then be used on all of our tracs at
> once.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To post to this group, send email to trac-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/trac-users?hl=en
-~----------~----~----~----~------~----~------~--~---
