Changes between Version 1 and Version 2 of TracStandalone


Ignore:
Timestamp:
Mar 7, 2011 4:32:52 PM (2 years ago)
Author:
trac
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • TracStandalone

    v1 v2  
    8383 
    8484Use [http://trac-hacks.org/wiki/WindowsServiceScript WindowsServiceScript], available at [http://trac-hacks.org/ Trac Hacks]. Installs, removes, starts, stops, etc. your Trac service. 
    85  
    86 === Option 3 === 
    87  
    88 also cygwin's cygrunsrv.exe can be used: 
    89 {{{ 
    90 $ cygrunsrv --install tracd --path /cygdrive/c/Python27/Scripts/tracd.exe --args '--port 8000 --env-parent-dir E:\IssueTrackers\Trac\Projects' 
    91 $ net start tracd 
    92 }}} 
    9385 
    9486== Using Authentication == 
     
    135127=== Basic Authorization: Using a htpasswd password file === 
    136128This section describes how to use `tracd` with Apache .htpasswd files. 
    137  
    138   Note: It is necessary (at least with Python 2.6) to install the fcrypt package in order to 
    139   decode the htpasswd format.  Trac source code attempt an `import crypt` first, but there 
    140   is no such package for Python 2.6. 
    141129 
    142130To create a .htpasswd file use Apache's `htpasswd` command (see [#GeneratingPasswordsWithoutApache below] for a method to create these files without using Apache): 
     
    273261See also [trac:TracOnWindowsIisAjp], [trac:TracNginxRecipe]. 
    274262 
    275 === Authentication for tracd behind a proxy 
    276 It is convenient to provide central external authentication to your tracd instances, instead of using {{{--basic-auth}}}. There is some discussion about this in #9206. 
    277  
    278 Below is example configuration based on Apache 2.2, mod_proxy, mod_authnz_ldap. 
    279  
    280 First we bring tracd into Apache's location namespace. 
    281  
    282 {{{ 
    283 <Location /project/proxified> 
    284         Require ldap-group cn=somegroup, ou=Groups,dc=domain.com 
    285         Require ldap-user somespecificusertoo 
    286         ProxyPass http://localhost:8101/project/proxified/ 
    287         # Turns out we don't really need complicated RewriteRules here at all 
    288         RequestHeader set REMOTE_USER %{REMOTE_USER}s 
    289 </Location> 
    290 }}} 
    291  
    292 Then we need a single file plugin to recognize HTTP_REMOTE_USER header as valid authentication source. HTTP headers like '''HTTP_FOO_BAR''' will get converted to '''Foo-Bar''' during processing. Name it something like '''remote-user-auth.py''' and drop it into '''proxified/plugins''' directory: 
    293 {{{ 
    294 #!python 
    295 from trac.core import * 
    296 from trac.config import BoolOption 
    297 from trac.web.api import IAuthenticator 
    298  
    299 class MyRemoteUserAuthenticator(Component): 
    300  
    301     implements(IAuthenticator) 
    302  
    303     obey_remote_user_header = BoolOption('trac', 'obey_remote_user_header', 'false',  
    304                """Whether the 'Remote-User:' HTTP header is to be trusted for user logins  
    305                 (''since ??.??').""")  
    306  
    307     def authenticate(self, req): 
    308         if self.obey_remote_user_header and req.get_header('Remote-User'):  
    309             return req.get_header('Remote-User')  
    310         return None 
    311  
    312 }}} 
    313  
    314 Add this new parameter to your TracIni: 
    315 {{{ 
    316 ... 
    317 [trac] 
    318 ... 
    319 obey_remote_user_header = true 
    320 ... 
    321 }}} 
    322  
    323 Run tracd: 
    324 {{{ 
    325 tracd -p 8101 -r -s proxified --base-path=/project/proxified 
    326 }}} 
    327  
    328263=== Serving a different base path than / === 
    329264Tracd supports serving projects with different base urls than /<project>. The parameter name to change this is