Allow the TracD service to accept the basic/digest authentication from Apache when run with a proxy rule. This works by using the HTTP_REMOTE_USER header and accepting it by an IAuthenticator implementation. (http://trac.edgewall.org/ticket/9206)

NOTE: add the line "RequestHeader set REMOTE_USER %{REMOTE_USER}s" in your /etc/httpd/conf.d/trac.conf file - it might look like this:

<Location /trac>
    AuthType "Digest"
    AuthName "Trac"
    AuthDigestProvider file
    AuthUserFile /srv/trac/trac/conf/htdigest.users
    AuthDigestDomain /trac
    Require valid-user
    Order deny,allow
    Allow from all
    RequestHeader set REMOTE_USER %{REMOTE_USER}s

and in /srv/trac/trac/conf/trac.ini set

 trac_proxy_auth.remote_user_auth.remoteuserauthenticator = enabled

 obey_remote_user_header = true


Use one of the tags at http://bitbucket.org/guidod/trac-proxy-auth

Use can use "python setup.py install" for direct installation or you can roll your own local rpm by "python setup.py bdist -b /tmp -p noarch --formats rpm"

Prebuilt rpm packages are available in the trac12 installation stack: https://build.opensuse.org/project/show?project=home%3Aguidod%3Atrac12