Hi, I am not familiar with SAML and mod_auth_mellon, but I think the configuration is incorrect.
HttpAuthStore is unable to use with SAML. It is to delegate the configured URL with HTTP Basic or Digest authentication. Also, I think AccountManagerPlugin is not needed for Trac with mod_auth_mellon. > <Location /authFile> > AuthType Mellon > MellonEnable auth > Require valid-user > </Location> Change to: <Location /login> AuthType Mellon MellonEnable auth # Trac uses REMOTE_USER variable to authenticate the user MellonSetEnvNoPrefix REMOTE_USER NAME_ID Require valid-user </Location> > [components] > trac.web.auth.loginmodule = disabled > acct_mgr.admin.* = enabled > ... Next, uninstall AccountManagerPlguin, and remove "trac.web.auth.loginmodule" and all "acct_mgr.*" from the [components] section. Finally, restart Apache and try to click "login" in the menu. On 2025/01/13 14:13, Adrian Bradd wrote: > Hi all, > > I've got an Apache reverse proxy that I'm trying to use with mod_auth_mellon > to authenticate users on our trac instance using HttpAuthStore. > AccountManager is v0.6 (installed using "pip install TracAccountManager"). > Trac is version 1.6. I'm able to get HtDigestStore to work fine, but > everytime I try to use HttpAuthStore the page returns an error: "No handler > matched request to /authFile" > > I have the LogLevel set to DEBUG. But I see nothing in the logs. > > I have MellonDiagnostics enabled. It seems to be working as expected. > > tracd is running inside a container using the "--single-env" with the project > url at root. > > My trac config for AccountManager with HttpAuthStore: > > [components] > trac.web.auth.loginmodule = disabled > acct_mgr.admin.* = enabled > acct_mgr.api.* = enabled > acct_mgr.http.* = enabled > acct_mgr.web_ui.* = enabled > acct_mgr.web_ui.resetpwstore = disabled > acct_mgr.db.sessionstore = disabled > acct_mgr.htfile.htdigeststore = disabled > acct_mgr.htfile.htpasswdstore = disabled > acct_mgr.notification.* = disabled > acct_mgr.pwhash.* = disabled > acct_mgr.register.* = disabled > acct_mgr.svnserve.svnservepasswordstore = disabled > > [account-manager] > password_store = HttpAuthStore > authentication_url = /authFile > > I've tried with both acct_mgr.web_ui.* enabled and disabled as I'm not sure > if it is required. It made no difference in my testing. > > My config for Apache uses a virtual host : > > <Location /authFile> > AuthType Mellon > MellonEnable auth > Require valid-user > </Location> > > I've left out the configuration for <Location /> where i set the other Mellon > config such as metadata. I can add if anyone thinks it could be relevant. > > When I navigate to https://trac_site.com/authFile the browser goes through > the SAML login process and returns to https://trac_site.com/authFile only to > have the above-mentioned error reported: "No handler matched request to > /authFile" > > Any idea what I am missing? > > Cheers, > > Adrian > > > > > > > > > -- > You received this message because you are subscribed to the Google Groups > "Trac Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <mailto:[email protected]>. > To view this discussion visit > https://groups.google.com/d/msgid/trac-users/e16deb88-2386-4a0e-9f32-e09d41480857n%40googlegroups.com > > <https://groups.google.com/d/msgid/trac-users/e16deb88-2386-4a0e-9f32-e09d41480857n%40googlegroups.com?utm_medium=email&utm_source=footer>. -- Jun Omae <[email protected]> (大前 潤) -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/d/msgid/trac-users/5cf7b765-f8f9-493c-962d-3e8169cfdaf9%40gmail.com.
