I have set up trac on my domain for issue tracking. How to I configure it so that when anonymous users visit the domain, ALL they see is a login form. Basically I want 2 security levels:
anonymous - visitors only have access to a login option
users (i.e. everybody else who has logged in) - have access to everything
Thanks!
You can remove all permissions for the anonymous user:
trac-admin /path/to/projenv permission remove anonymous '*'
For details see the Trac permission docs
Trac offers two different permission groups by default:
The docs describe how to change the group defaults and how you can form new permission sets in the permission groups section.
The solution given by Thomas Zoechling does not work anymore, with trac 1.0.2 one needs to copy the permissions of anonymous user to authenticated manually:
trac-admin /path/to/projenv permission list anonymous
#gets: BROWSER_VIEW CHANGESET_VIEW FILE_VIEW LOG_VIEW MILESTONE_VIEW REPORT_SQL_VIEW REPORT_VIEW ROADMAP_VIEW SEARCH_VIEW TICKET_VIEW TIMELINE_VIEW WIKI_VIEW
trac-admin /path/to/projenv permission remove anonymous '*'
trac-admin /path/to/projenv permission add authenticated BROWSER_VIEW CHANGESET_VIEW FILE_VIEW LOG_VIEW MILESTONE_VIEW REPORT_SQL_VIEW REPORT_VIEW ROADMAP_VIEW SEARCH_VIEW TICKET_VIEW TIMELINE_VIEW WIKI_VIEW
You'll want to look at the AccountManagerPlugin. It allows form-based authentication. You also want to remove permissions form anonymous as described in the other post.
