On Wednesday, August 5, 2015 at 4:30:32 PM UTC-7, Robert Jacobson wrote: > > > If I use that Location parameter: > 1) With remote-user-auth.py disabled: > - login never results in an actual login > 2) With remote-user-auth.py enabled: > - trac header says "logged in as (null) " >
The second finding seems to suggests that REMOTE_USER has the value NULL in the Apache environment. But wouldn't that be translated to None in Python? This page suggests that SiteMinder sets the SM_USER variable: https://asterix-gerrit.ics.uci.edu/Documentation/config-sso.html https://support.ca.com/cadocs/0/CA%20SiteMinder%2012%2052%20SP1-ENU/Bookshelf_Files/HTML/idocs/index.htm?toc.htm?256659.html?intcmp=searchresultclick&resultnum=818 Maybe you could change the plugin: req.get_header('Remote-User') -> req.get_header('Sm-User') > We reconfigured SiteMinder to "protect" (i.e. require redirect to login) > from "/trac/login" to "/trac", and seems to "work"; i.e. I can now login > and stay logged in. However: > - Simply visiting /trac automatically redirects to the SiteMinder > login page. I don't really want this; I'd rather people only have to login > if they want to edit something in Trac (i.e. I want them to have to click > the "Login" link first) > - visiting /trac/login results in a "Authentication information not > available" error from Trac. (but I am, in fact, logged in) > The latter finding is not too surprising since req.remote_user will be unset: http://trac.edgewall.org/browser/tags/trac-1.0.8/trac/web/api.py?marks=398#L392 http://trac.edgewall.org/browser/tags/trac-1.0.8/trac/web/auth.py?marks=148,154-156#L131 -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
