1 [[!meta title="How can I restrict my Trac instance to only certain users?"]]
2 If you wish to restrict access to your Trac instance to only
3 certain people with MIT certificates, you may do so by editing the
4 .htaccess file in the directory you installed Trac into.
5 **Note: There is also a .htaccess file in the tracdata subdirectory, and that file should *not* be changed.**
7 Initially, when you've used the Trac autoinstaller, the .htaccess
8 file will look similar this:
11 AuthSSLCertAuthoritative off
12 AuthSSLCertVar SSL_CLIENT_S_DN_Email
13 AuthSSLCertStripSuffix @MIT.EDU
19 RewriteCond %{HTTPS} =on
20 RewriteRule ^logout http://%{SERVER_NAME}%{REQUEST_URI} [R,L]
22 RewriteCond %{REQUEST_URI} !^/~yourlocker/trac-path/trac.fcgi
23 RewriteRule ^(.*)$ /~yourlocker/trac-path/trac.fcgi/$1 [L]
27 ErrorDocument 401 /__scripts/needcerts
30 You will want to change it to be similar to the following (changes
31 are highlighted in red):
34 #AuthSSLCertAuthoritative off
35 AuthSSLCertVar SSL_CLIENT_S_DN_Email
36 AuthSSLCertStripSuffix @MIT.EDU
37 Require user moe larry curly
39 ErrorDocument 401 /__scripts/needcerts
43 RewriteCond %{HTTPS} =on
44 RewriteRule ^logout http://%{SERVER_NAME}%{REQUEST_URI} [R,L]
46 RewriteCond %{REQUEST_URI} !^/~yourlocker/tracpath/trac.fcgi
47 RewriteRule ^(.*)$ /~yourlocker/trac-path/trac.fcgi/$1 [L]
51 ErrorDocument 401 /__scripts/needcerts