I have installed Trac on my webserver. First of all it seems in secure because it immediately exposed my repository to the world. How does Trac access my repository without providing it with some credentials to access the authz protected repository? Second, can I use the same users or groups in svn's authz to use as the users and groups in Trac?
+1
A:
Trac accesses your repository directly - that's why it ignores authz that works for your webserver. See http://trac.edgewall.org/wiki/AuthzPolicy and http://trac.edgewall.org/wiki/TracFineGrainedPermissions if you need Trac to use authz for fine-grained browser access.
From that I know - you can't use users from authz as Trac users, because authz doesn't store authentication passwords to recognize these users. See http://trac-hacks.org/wiki/AccountManagerPlugin for supported storages.
techtonik
2010-02-28 01:11:31