see also TracLdapAuthPlugin
I'm not the developer or maintainer of the LDAPAuthPlugin, and this is not a real reference; just some quick notes on using LDAPAuthPlugin with a standalone tracd:
Prerequisites:
- install python-ldap
- install AccountManager plugin
- install LDAPAuth plugin http://pypi.python.org/pypi/TracLDAPAuth/
I'm using tracd to serve multiple projects, and have a global trac.ini:
[ldap] bind_dn =<bind DN> ;e.g. bind_dn = uid=%s,ou=people,dc=foo,dc=bar,dc=moo server = <ldap server address> [components] trac.web.auth.LoginModule = disabled acct_mgr.admin.accountmanageradminpage = enabled acct_mgr.api.accountmanager = enabled acct_mgr.web_ui.LoginModule = enabled ; be sure to enable the component ldapauth.store.LDAPStore = enabled [account-manager] ; configure the plugin to store passwords in the htdigest format: password_store = LDAPStore
This global trac.ini then gets inherited by each trac projects' trac.ini:
# -*- coding: utf-8 -*- [inherit] file = /my/path/to/trac_projects/trac.ini ...
Start tracd like this:
tracd -p 80 -e /my/path/to/trac_projects
If you are using TracForge to get some multi-project support (single sign-on etc.) you might rather want to start like this, so only the master project shows up on the standard projects list page:
tracd -p 80 /my/path/to/trac_projects/my_master_project
A Better Ldap Solution
This plugin doesn't support user listing, changing password, registration or non-simple binding.
LDAPAuthStore offers a better solution linking LdapPlugin to AccountManager. Provide user listing, password changing, MD5/CRYPT/SASL binding/authentication.
Author/Contributors
- LDAPAuthPlugin Code Author: Noah Kantrowitz <coderanger at yahoo com>
- This Page Author: jholg
- This Page Contributor: Yu Huang (crocea)