I'm need help setting up Trac 1.0.8 (CentOS 6.6, Apache 2.2.15, Python 2.6.6 and WSGI) to use Siteminder Web Agent for login. Siteminder is a SSO solution -- there's an Apache agent for it. In short, it sets server variables like REMOTE_USER to the logged-in user's username.
First I installed Trac and set it up with Apache and WSGI. This seems to work just fine. I verified that Siteminder is setting REMOTE_USER by temporarily setting up Apache to point it to a PHP script to output the variables: ScriptAlias /trac/login "/data/www/cgi-bin-trac/outputvars.php" I took that out after verifying SiteMinder was working as expected. I then tried using the setup specified at http://trac.edgewall.org/wiki/TracStandalone to use REMOTE_USER for login. i.e. I put the remote-user-auth.py script in $ENV/plugins, and modified trac.ini (added the line "obey_remote_user_header = true" to [trac]). Now when I go to /trac/login, I'm sent briefly to Siteminder's login page, as expected. After login, I'm returned to the trac site. The header says "Logged in as username", but the page has the error message: Trac Error Authentication information not available. Please refer to the installation documentation <https://mpsdev.gsfc.nasa.gov/trac/wiki/TracInstall#ConfiguringAuthentication> . Then if I visit any other trac page, the header no longer shows me as logged in. I tried doing: trac-admin /data/www/html/trac/testproject permission add username TRAC_ADMIN And that gives me an "Admin" tab briefly after login, but again if I click it or any other page it is like I'm not logged in. I'm not sure where to go from here, so I would greatly appreciate any assistance. -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
