Trac authentication on Dreamhost

posted on November 30, 2010 by | Leave your thoughts

Simply put, Trac authentication will not work on Dreamhost the way you like if you go with the .htaccess approach. Trac recommends putting the following in your .htaccess of your trac install:



AuthType Basic
AuthName "Trac"
AuthUserFile /somewhere/trac.htpasswd
Require valid-user

However, dreamhost does not allow you to place any location directive from within your custom .htaccess files. This will result in an “Internal Server Error”. Yes very descriptive indeed.

If you are like most and just remove the location directives such that it is as follows:


AuthType Basic
AuthName "Trac"
AuthUserFile /somewhere/trac.htpasswd
Require valid-user

You have a semi-decent solution. However, this is semi-decent as this doesn’t allow any sort of anonymous access to your site as every page is hit with the authentication request. The first attempt in fact would, cause the end user to authenticate several times before entering the page.

A nicer solution is to use the TracAccountManager. This doesn’t use the basic authentication popup that you normally see but an integrated authentication. Configure this as follows:

Log in to the shell and type the following commands:

svn checkout http://trac-hacks.org/svn/accountmanagerplugin/0.11
cd 0.11
python setup.py bdist_egg
ls dist

You should see something like: TracAccountManager-0.2.1dev_r5836-py2.4.egg inside dist folder

cp dist/[TRACACCOUNTMANAGERBUILD] ~/PATH/TO/TRAC/plugins/[TRACACCOUNTMANAGERBUILD]

Replace “TRACACCOUNTMANAGERBUILD” with what you saw in the ls dist command

cd ~/PATH/TO/TRAC/conf

Now using your favorite editor you’ll need to add the following lines to trac.ini:

[account-manager]
password_file = /home/USERNAME/svn/SVNREPO.passwd
password_store = HtPasswdStore

While you are in trac.ini if you have the components section then add the following to it if not add a components sections with the following:


[components]
acct_mgr.admin.* = enabled
acct_mgr.api.* = enabled
acct_mgr.db.* = enabled
acct_mgr.htfile.* = enabled
acct_mgr.http.* = enabled
acct_mgr.notification.* = enabled
acct_mgr.pwhash.* = enabled
acct_mgr.svnserve.* = enabled
acct_mgr.web_ui.* = enabled
trac.web.auth.loginmodule = disabled

Now you can go back try clicking the login button which will prompt you for your svn username/password which should have admin rights if not go to the command prompt and type the following:


trac-admin path/to/trac permission add USERNAME TRAC_ADMIN

Enjoy!

My trac project management system has been successfully deployed. http://www.thusjanthan.com/trac/
Thusjanthan.

Posted in Uncategorized

Leave a Reply