oss/Radicale
oss/Radicale
1
0
Fork 0
mirror of https://github.com/Kozea/Radicale.git synced 2025-07-02 16:58:30 +00:00
Code Wiki Activity

Add the Apache auth configuration in the documentation

Browse source
This commit is contained in:
Guillaume Ayoub 2012-02-28 13:04:34 +01:00
parent ee0bda69ed
commit b31e7e02f3
1 changed files with 40 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

52
pages/user_documentation.rst
View file

@ -460,20 +460,48 @@ to your environment):
You should use the root of the (sub)domain (``WSGIScriptAlias /``), else You should use the root of the (sub)domain (``WSGIScriptAlias /``), else
some CalDAV features may not work. some CalDAV features may not work.
.. important:: If you want to use authentication with Apache, you *really* should use one of
If you want to use authentication with Apache, you *really* should use one the Apache authentication modules, instead of the ones from Radicale: they're
of the Apache authentication modules, instead of the ones from Radicale: just better.
they're just better.
Deactivate any ACL module in Radicale and use your favourite Apache Deactivate any ACL module in Radicale and use your favourite Apache
authentication backend. You can then restrict the access: allow the authentication backend. You can then restrict the access: allow the ``alice``
``alice`` user to access ``/alice/*`` URLs, and everything should work as user to access ``/alice/*`` URLs, and everything should work as expected.
expected.
If you're still convinced that access control is better with Radicale, you Here is one example of Apache configuration file:
have to add ``WSGIPassAuthorization On`` in your Apache configuration files,
as explained in `the mod_wsgi documentation .. code-block:: apache
<http://code.google.com/p/modwsgi/wiki/ConfigurationGuidelines#User_Authentication>`_.
<VirtualHost *:80>
ServerName radicale.local
WSGIDaemonProcess radicale user=radicale group=radicale threads=1
WSGIScriptAlias / /usr/share/radicale/radicale.wsgi
<Directory /usr/share/radicale/>
WSGIProcessGroup radicale
WSGIApplicationGroup %{GLOBAL}
AuthType Basic
AuthName "Radicale Authentication"
AuthBasicProvider file
AuthUserFile /usr/share/radicale/radicale.passwd
Require valid-user
AllowOverride None
Order allow,deny
allow from all
RewriteEngine On
RewriteCond %{REMOTE_USER}%{PATH_INFO} !^([^/]+/)\1
RewriteRule .* - [Forbidden]
</Directory>
</VirtualHost>
If you're still convinced that access control is better with Radicale, you have
to add ``WSGIPassAuthorization On`` in your Apache configuration files, as
explained in `the mod_wsgi documentation
<http://code.google.com/p/modwsgi/wiki/ConfigurationGuidelines#User_Authentication>`_.
.. note:: .. note::
Read-only calendars can also be served by a simple Apache HTTP server, as Read-only calendars can also be served by a simple Apache HTTP server, as