Apache, Trac and LDAP – how to glue them together?

I am trying to set up Trac to authorize users via the LDAP plugin on a Debian (Lenny) server.

LDAP appears to be working correctly, as I can query it successfully with:

    ldapsearch -vLx -h 127.0.0.1 -b "dc=example, dc=com" "(sn=mysurname)"

If I deliberately break my Apache LDAP address settings, I can see the error in /var/log/apache2/error.log:

    2010-08-27 17:19:38,909 Trac[api] WARNING: LDAP error: No such object (dc=examplefoo,dc=com)

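When I visit http://example.com:8022/trac and click the login button, the authentication window pops up (again confirming that LDAP is kicking in), but when I enter the correct username/password, I just get a Trac site page: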

    Trac Error
    Authentication information not available. Please refer to the installation documentation.
    TracGuide — The Trac User and Administration Guide

The log is equally unhelpful (ignore the svn error, I know about that):

    2010-09-01 14:25:30,553 Trac[api] DEBUG: NEEDS UP?: sys:False, rep:False, stats:False, fields:False, man:False
    2010-09-01 14:25:30,577 Trac[env] WARNING: base_url option not set in configuration, generated links may be incorrect
    2010-09-01 14:25:30,577 Trac[main] DEBUG: Dispatching <Request "GET u'/login'">
    2010-09-01 14:25:30,583 Trac[svn_fs] INFO: Failed to load Subversion bindings
    Traceback (most recent call last):
      File "/home/web/example/buildout-cache/eggs/Trac-0.11-py2.6.egg/trac/versioncontrol/svn_fs.py", line 251, in __init__
        _import_svn()
      File "/home/web/example/buildout-cache/eggs/Trac-0.11-py2.6.egg/trac/versioncontrol/svn_fs.py", line 69, in _import_svn
        from svn import fs, repos, core, delta
    ImportError: No module named svn
    2010-09-01 14:25:30,584 Trac[chrome] DEBUG: Prepare chrome data for request
    2010-09-01 14:25:30,586 Trac[api] DEBUG: action controllers for ticket workflow: ['ConfigurableTicketWorkflow']
    2010-09-01 14:25:30,597 Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_CREATE on None
    2010-09-01 14:25:30,599 Trac[perm] DEBUG: No policy allowed anonymous performing TRAC_ADMIN on None
    2010-09-01 14:25:30,599 Trac[perm] DEBUG: No policy allowed anonymous performing PERMISSION_GRANT on None
    2010-09-01 14:25:30,599 Trac[perm] DEBUG: No policy allowed anonymous performing PERMISSION_REVOKE on None
    2010-09-01 14:25:30,599 Trac[perm] DEBUG: No policy allowed anonymous performing TICKET_ADMIN on None
    2010-09-01 14:25:30,601 Trac[main] WARNING: 500 Trac Error (Authentication information not available. Please refer to the <a href="/trac/wiki/TracInstall#ConfiguringAuthentication" title="Configuring Authentication">installation documentation</a>.)
    2010-09-01 14:25:30,621 Trac[perm] DEBUG: No policy allowed anonymous performing EMAIL_VIEW on None
    2010-09-01 14:25:30,621 Trac[session] DEBUG: Retrieving session for ID '20e2cfb643bff0f9121fe615'
    2010-09-01 14:25:30,641 Trac[tande_filters] DEBUG: self.billing_reports= set([9, 10, 11, 12, 13, 14, 15, 16, 17])
    2010-09-01 14:25:30,642 Trac[ticket_webui] DEBUG: TicketWebUiAddon executing
    2010-09-01 14:25:30,774 Trac[main] DEBUG: 124 unreachable objects found.

My Apache settings are as follows.

    <VirtualHost example.com:8022>
        ServerName example.com
        ServerAlias example.com
        ProxyRequests Off
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
        ProxyPreserveHost On
        RewriteEngine On
        RewriteCond %{HTTP:Authorization} ^(.*)
        RewriteRule ^/(.*) http://127.0.0.1:8002/$1 [P]
    </VirtualHost>

    <Location /trac/login>
        AuthType Basic
        AuthName "Trac"
        AuthBasicProvider ldap
        Order Allow,Deny
        Allow from All
        AuthLDAPURL "ldap://127.0.0.1:389/dc=example,dc=com?uid"
        #should be on if using groups
        AuthzLDAPAuthoritative off
        Require valid-user
        #Require ldap-group cn=tracusers,dc=example,dc=com
    </Location>

The server has a number of other in-development services running, hence the odd port numbers.

My trac.ini is a fresh install, with the following changes:

    [ldap]
    basedn = dc=example,dc=com
    bind_passwd = foo
    bind_user = cn=admin,dc=example,dc=com
    enable = true
    group_rdn = ou=people
    host = 127.0.0.1
    port = 389
    use_tls = false
    user_rdn = ou=users

    [components]
    ldapplugin.* = enabled

For testing, I just start the Trac server with:

    bin/tracd --port 8202 parts/trac

Where am I going wrong? It feels as though the Apache configuration is wrong, since LDAP seems to be working.

Is this the correct command to start the server (e.g. htpasswd has its own option)?

In the long run, what is the best way to run the server? WSGI?

If you need to test the "Apache + LDAP + Trac" bundle, you don't need to run the standalone bin/tracd.

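First try using Trac without LdapPlugin, with Apache LDAP authentication (the plugin only adds the ability to manage Trac permissions for LDAP groups). You should configure authentication on the /trac/login location, and Trac will automatically get the authenticated username. Have a look here: TracModWSGI – ConfiguringAuthentication. This works fine in my setup (Debian Squeeze, Trac 0.12). So just remove all the modifications from trac.ini.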

Once you have authentication working, you can start configuring LdapPlugin.

WSGI is, IMHO, the best way to run Python applications on Apache; it is fast and simple.
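Added example, not part of the answer above and not Trac's or mod_wsgi's own code: a small WSGI middleware that shows whether the username authenticated by the web server actually reaches the application as REMOTE_USER on the login URL, or whether only an Authorization header was forwarded (as happens across a reverse-proxy hop). The names RemoteUserProbe, classify, stand_in_app and run_sample are hypothetical, the sample requests are constructed, and stand_in_app is a stand-in that only mimics the error message quoted in the question.

```python
# Added example (not Trac or mod_wsgi code): WSGI middleware that records whether
# the front-end web server handed an authenticated user name to the application.
# RemoteUserProbe, classify, stand_in_app and run_sample are hypothetical names.
import logging
from wsgiref.util import setup_testing_defaults

log = logging.getLogger("remote_user_probe")


def classify(environ):
    """Return the authentication state visible to the WSGI application."""
    if environ.get("REMOTE_USER"):
        return "authenticated"   # the server ran its check (e.g. LDAP) in front of us
    if environ.get("HTTP_AUTHORIZATION"):
        return "header-only"     # credentials arrived as a header, but no REMOTE_USER
    return "anonymous"


class RemoteUserProbe:
    """Wrap a WSGI app and log the auth state of requests to the login path."""

    def __init__(self, app, login_path="/login"):
        self.app = app
        self.login_path = login_path

    def __call__(self, environ, start_response):
        if environ.get("PATH_INFO", "").rstrip("/") == self.login_path:
            state = environ["probe.auth_state"] = classify(environ)
            # Log the state and user name only, never the Authorization value.
            log.warning("%s: %s user=%r", self.login_path, state,
                        environ.get("REMOTE_USER"))
        return self.app(environ, start_response)


def stand_in_app(environ, start_response):
    """Stand-in for the wrapped application: rejects a login without REMOTE_USER."""
    ok = bool(environ.get("REMOTE_USER"))
    start_response("200 OK" if ok else "500 Internal Server Error",
                   [("Content-Type", "text/plain")])
    return [b"logged in" if ok else b"Authentication information not available"]


def run_sample(extra):
    """Send one constructed /login request through the probe; return (state, status)."""
    environ, seen = {}, []
    setup_testing_defaults(environ)
    environ.update(PATH_INFO="/login", **extra)
    RemoteUserProbe(stand_in_app)(environ, lambda status, headers: seen.append(status))
    return environ["probe.auth_state"], seen[0]
```

Wrapping the application object in the project's .wsgi script with RemoteUserProbe puts one line per login attempt in the server's error log, which is enough to tell a missing Apache auth block from an identity lost between Apache and the application.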