I'm trying to setup Trac, using mod_wsgi, LDAP and a xml theming proxy called collective.xdv.
Thanks to users on this list I've got pretty close, using the Apache configuration below, however I'm encountering the following 2 major issues: 1) I've noticed that during testing, if I access the Trac site via 8202, the 8022 site errors with 'RuntimeError: instance.__dict__ not accessible in restricted mode' and will not work again till Apache is restarted. 8202 still works regardless of if 8022 is erroring or accessed. This seems related to this Trac bug: http://trac.edgewall.org/ticket/3371 . But I'm not using mod_python and WSGIProcessGroup and WSGIApplicationGroup are the same value. (More detail regarding this problem is also here: http://serverfault.com/questions/180850 ) 2) LDAP on Trac only works via port 8202, not via 8022. Fairly obviously because that's where the rule is set-up. But the rest of the site on 8022 doesn't need to be LDAP protected. How do I apply the LDAP authentication behind the proxy? Can the proxy somehow inherit the authentication rule when Trac is requested? (More detail regarding this problem is also here: http://serverfault.com/questions/180845 ) I'd appreciate any input this list might have. <VirtualHost foo.bar.com:8022> ServerName foo.bar.com ServerAlias foo.bar.com ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPreserveHost On RewriteEngine On RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule ^/(.*) http://0.0.0.0:8002/$1 [P] </VirtualHost> <VirtualHost foo.bar.com:8202> ServerName foo.bar.com ServerAlias foo.bar.com <Directory "/home/web/foo/parts/trac/tracwsgi/cgi-bin"> WSGIDaemonProcess trac stack-size=524288 python-path=/usr/lib/python2.5/site-packages WSGIScriptAlias /trac /home/web/foo/parts/trac/tracwsgi/cgi-bin/trac.wsgi WSGIProcessGroup %{GLOBAL} WSGIApplicationGroup %{GLOBAL} Options +Indexes FollowSymLinks AllowOverride None Allow from all Order allow,deny </Directory> <Location "/trac"> AuthBasicProvider ldap AuthType Basic AuthzLDAPAuthoritative off AuthName "Login" AuthLDAPURL "ldap://127.0.0.1:389/dc=foo-bar,dc=org?uid" AuthLDAPBindDN "cn=admin, dc=foo-bar, dc=org" AuthLDAPBindPassword secretword require valid-user </Location> </VirtualHost> -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To post to this group, send email to trac-us...@googlegroups.com. To unsubscribe from this group, send email to trac-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/trac-users?hl=en.