Changes between Version 3 and Version 4 of TracStandalone


Ignore:
Timestamp:
12/19/11 21:29:15 (13 years ago)
Author:
trac
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • TracStandalone

    v3 v4  
    8686== Using Authentication ==
    8787
    88 Tracd provides support for both Basic and Digest authentication. The default is to use Digest; to use Basic authentication, replace `--auth` with `--basic-auth` in the examples below. (You must still specify a dialogic "realm", which can be an empty string by trailing the BASICAUTH with a comma.)
    89 
     88Tracd provides support for both Basic and Digest authentication. Digest is considered more secure. The examples below use Digest; to use Basic authentication, replace `--auth` with `--basic-auth` in the command line.
    9089
    9190The general format for using authentication is:
     
    9392 $ tracd -p port --auth="base_project_dir,password_file_path,realm" project_path
    9493}}}
    95 
    9694where:
    97 
    9895 * '''base_project_dir''': the base directory of the project specified as follows:
    9996   * when serving multiple projects: ''relative'' to the `project_path`
     
    103100 * '''realm''': the realm name (can be anything)
    104101 * '''project_path''': path of the project
    105  * **`--auth`** in the above means use Digest authentication, replace `--auth` with `--basic-auth` if you want to use Basic auth
     102
     103 * **`--auth`** in the above means use Digest authentication, replace `--auth` with `--basic-auth` if you want to use Basic auth.  Although Basic authentication does not require a "realm", the command parser does, so the second comma is required, followed directly by the closing quote for an empty realm name.
    106104
    107105Examples:
     
    127125}}}
    128126
    129 === Using a htpasswd password file ===
     127=== Basic Authorization: Using a htpasswd password file ===
    130128This section describes how to use `tracd` with Apache .htpasswd files.
    131129
    132130To create a .htpasswd file use Apache's `htpasswd` command (see [#GeneratingPasswordsWithoutApache below] for a method to create these files without using Apache):
    133 
    134131{{{
    135132 $ sudo htpasswd -c /path/to/env/.htpasswd username
     
    141138
    142139Then to start `tracd` run something like this:
    143 
    144140{{{
    145141 $ tracd -p 8080 --basic-auth="projectdirname,/fullpath/environmentname/.htpasswd,realmname" /fullpath/environmentname
     
    147143
    148144For example:
    149 
    150145{{{
    151146 $ tracd -p 8080 --basic-auth="testenv,/srv/tracenv/testenv/.htpasswd,My Test Env" /srv/tracenv/testenv
    152147}}}
    153 
    154148''Note:'' You might need to pass "-m" as a parameter to htpasswd on some platforms (OpenBSD).
    155149
    156 === Using a htdigest password file ===
     150=== Digest authentication: Using a htdigest password file ===
    157151
    158152If you have Apache available, you can use the htdigest command to generate the password file. Type 'htdigest' to get some usage instructions, or read [http://httpd.apache.org/docs/2.0/programs/htdigest.html this page] from the Apache manual to get precise instructions.  You'll be prompted for a password to enter for each user that you create.  For the name of the password file, you can use whatever you like, but if you use something like `users.htdigest` it will remind you what the file contains. As a suggestion, put it in your <projectname>/conf folder along with the [TracIni trac.ini] file.
     
    162156=== Generating Passwords Without Apache ===
    163157
    164 If you don't have Apache available, you can use this simple Python script to generate your passwords:
     158Basic Authorization can be accomplished via this [http://www.4webhelp.net/us/password.php online HTTP Password generator].  Copy the generated password-hash line to the .htpasswd file on your system.
     159
     160You can use this simple Python script to generate a '''digest''' password file:
    165161
    166162{{{
     
    196192}}}
    197193
    198 Note: If you use the above script you must use the --auth option to tracd, not --basic-auth, and you must set the realm in the --auth value to 'trac' (without the quotes). Example usage (assuming you saved the script as trac-digest.py):
     194Note: If you use the above script you must set the realm in the `--auth` argument to '''`trac`'''. Example usage (assuming you saved the script as trac-digest.py):
    199195
    200196{{{
     
    203199}}}
    204200
    205 
    206 Note: If you would like to use --basic-auth you need to use htpasswd tool from apache server to generate .htpasswd file. The remaining part is similar but make sure to use empty realm (i.e. coma after path). Make sure to use -m option for it.  If you do not have Apache, [trac:source:/tags/trac-0.11/contrib/htpasswd.py htpasswd.py] may help.  (Note that it requires a `crypt` or `fcrypt` module; see the source comments for details.)
    207 
    208 It is possible to use md5sum utility to generate digest-password file using such method:
     201==== Using `md5sum`
     202It is possible to use `md5sum` utility to generate digest-password file:
    209203{{{
    210204 $ printf "${user}:trac:${password}" | md5sum - >>user.htdigest