Changes between Version 3 and Version 4 of TracStandalone
- Timestamp:
- 12/19/11 21:29:15 (13 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
TracStandalone
v3 v4 86 86 == Using Authentication == 87 87 88 Tracd provides support for both Basic and Digest authentication. The default is to use Digest; to use Basic authentication, replace `--auth` with `--basic-auth` in the examples below. (You must still specify a dialogic "realm", which can be an empty string by trailing the BASICAUTH with a comma.) 89 88 Tracd provides support for both Basic and Digest authentication. Digest is considered more secure. The examples below use Digest; to use Basic authentication, replace `--auth` with `--basic-auth` in the command line. 90 89 91 90 The general format for using authentication is: … … 93 92 $ tracd -p port --auth="base_project_dir,password_file_path,realm" project_path 94 93 }}} 95 96 94 where: 97 98 95 * '''base_project_dir''': the base directory of the project specified as follows: 99 96 * when serving multiple projects: ''relative'' to the `project_path` … … 103 100 * '''realm''': the realm name (can be anything) 104 101 * '''project_path''': path of the project 105 * **`--auth`** in the above means use Digest authentication, replace `--auth` with `--basic-auth` if you want to use Basic auth 102 103 * **`--auth`** in the above means use Digest authentication, replace `--auth` with `--basic-auth` if you want to use Basic auth. Although Basic authentication does not require a "realm", the command parser does, so the second comma is required, followed directly by the closing quote for an empty realm name. 106 104 107 105 Examples: … … 127 125 }}} 128 126 129 === Using a htpasswd password file ===127 === Basic Authorization: Using a htpasswd password file === 130 128 This section describes how to use `tracd` with Apache .htpasswd files. 131 129 132 130 To create a .htpasswd file use Apache's `htpasswd` command (see [#GeneratingPasswordsWithoutApache below] for a method to create these files without using Apache): 133 134 131 {{{ 135 132 $ sudo htpasswd -c /path/to/env/.htpasswd username … … 141 138 142 139 Then to start `tracd` run something like this: 143 144 140 {{{ 145 141 $ tracd -p 8080 --basic-auth="projectdirname,/fullpath/environmentname/.htpasswd,realmname" /fullpath/environmentname … … 147 143 148 144 For example: 149 150 145 {{{ 151 146 $ tracd -p 8080 --basic-auth="testenv,/srv/tracenv/testenv/.htpasswd,My Test Env" /srv/tracenv/testenv 152 147 }}} 153 154 148 ''Note:'' You might need to pass "-m" as a parameter to htpasswd on some platforms (OpenBSD). 155 149 156 === Using a htdigest password file ===150 === Digest authentication: Using a htdigest password file === 157 151 158 152 If you have Apache available, you can use the htdigest command to generate the password file. Type 'htdigest' to get some usage instructions, or read [http://httpd.apache.org/docs/2.0/programs/htdigest.html this page] from the Apache manual to get precise instructions. You'll be prompted for a password to enter for each user that you create. For the name of the password file, you can use whatever you like, but if you use something like `users.htdigest` it will remind you what the file contains. As a suggestion, put it in your <projectname>/conf folder along with the [TracIni trac.ini] file. … … 162 156 === Generating Passwords Without Apache === 163 157 164 If you don't have Apache available, you can use this simple Python script to generate your passwords: 158 Basic Authorization can be accomplished via this [http://www.4webhelp.net/us/password.php online HTTP Password generator]. Copy the generated password-hash line to the .htpasswd file on your system. 159 160 You can use this simple Python script to generate a '''digest''' password file: 165 161 166 162 {{{ … … 196 192 }}} 197 193 198 Note: If you use the above script you must use the --auth option to tracd, not --basic-auth, and you must set the realm in the --auth value to 'trac' (without the quotes). Example usage (assuming you saved the script as trac-digest.py):194 Note: If you use the above script you must set the realm in the `--auth` argument to '''`trac`'''. Example usage (assuming you saved the script as trac-digest.py): 199 195 200 196 {{{ … … 203 199 }}} 204 200 205 206 Note: If you would like to use --basic-auth you need to use htpasswd tool from apache server to generate .htpasswd file. The remaining part is similar but make sure to use empty realm (i.e. coma after path). Make sure to use -m option for it. If you do not have Apache, [trac:source:/tags/trac-0.11/contrib/htpasswd.py htpasswd.py] may help. (Note that it requires a `crypt` or `fcrypt` module; see the source comments for details.) 207 208 It is possible to use md5sum utility to generate digest-password file using such method: 201 ==== Using `md5sum` 202 It is possible to use `md5sum` utility to generate digest-password file: 209 203 {{{ 210 204 $ printf "${user}:trac:${password}" | md5sum - >>user.htdigest