from trac.web.standalone import BasicAuth, DigestAuth, TracHTTPServer
+from trac.web.TrustedAuth import *
import getopt
import locale
@@ -56,6 +57,7 @@
try:
opts, args = getopt.getopt(sys.argv[1:], "a:p:b:de:",
["auth=", "port=", "hostname=","daemonize",
+ "trusted-auth=",
"env-parent-dir=", "basic-auth="])
except getopt.GetoptError, e:
print e
@@ -66,6 +68,8 @@
add_auth(auths, a, DigestAuth)
if o == '--basic-auth':
add_auth(auths, a, BasicAuth)
+ if o == '--trusted-auth':
+ add_auth(auths, a, TrustedAuth)
if o in ("-p", "--port"):
port = int(a)
elif o in ("-b", "--hostname"):
url: archives/2006/06/trac.html
--- trac-0.9.5-ja-1/trac/web/TrustedAuth.py 1970-01-01 09:00:00.000000000 +0900
+++ trac-0.9.5-ja-1kai/trac/web/TrustedAuth.py 2006-06-04 20:40:22.000000000 +0900
@@ -0,0 +1,67 @@
+# -*- coding: utf-8 -*-
+#
+# This is adhoc auth?-module under tracd.
+#
+# If you are using tracd and external proxy(ex. mod_proxy) with some auth
+# method, the access for tracd is already authorized.
+#
+# TrustedAuth regard the user as already trusted.
+# The user extraced from Authorization field.
+#
+# Author: tckz<[email protected]>
+#
+
+from trac import util, __version__
+from trac.web.api import Request
+from trac.web.cgi_frontend import TracFieldStorage
+
+import urllib2
+
+try:
+ from base64 import b64decode
+except ImportError:
+ from base64 import decodestring as b64decode
+
+
+class TrustedAuth:
+ def __init__(self, dummy, realm):
+ self.realm = realm
+
+ def send_auth_request(self, req):
+ req.send_response(401)
+ req.end_headers()
+
+ def parse_auth_header(self, authorization):
+ values = {}
+ for value in urllib2.parse_http_list(authorization):
+ n, v = value.split('=', 1)
+ if v[0] == '"' and v[-1] == '"':
+ values[n] = v[1:-1]
+ else:
+ values[n] = v
+ return values
+
+ def do_auth(self, req):
+ if not 'Authorization' in req.headers:
+ self.send_auth_request(req)
+ return None
+
+ user = ""
+ if req.headers['Authorization'].startswith('Basic'):
+ auth = req.headers['Authorization'][len('Basic')+1:]
+ auth = b64decode(auth).split(':')
+ if len(auth) == 2:
+ user, password = auth
+ elif req.headers['Authorization'].startswith('Digest'):
+ auth = self.parse_auth_header(req.headers['Authorization'][7:])
+ if auth.has_key('username'):
+ user = auth['username']
+ else:
+ self.send_auth_request(req)
+
+ if user == "":
+ self.send_auth_request(req)
+ return None
+
+ return user
+
ちなみにCGI型の場合、apacheで認証したユーザすなわちREMOTE_USERがtracユーザとして扱われるようで特別なことはなにも必要ない。(だけど遅い、と)
python触るのは初めてなのでもっといい書き方を教えて欲しいところだが、あんましpython好きくないかも。「元々のソースに存在するブロックに対応して追加したelseブロックがautoindentでHTが使われたために対応するブロックとして認識されずsyntax error」というのは好きになれそうもない。でもgeekには人気があるっていうよね。
>> Home