I'd like to setup Trac as a standalone daemon, but as an internal service. I.e. I want people to do a http authentication before even entering wiki.
Both --auth and --basic-auth give me user authentication, which is ok too, but I cannot find any way to do http-auth. Is there any way?
Edit: I know I can enable authentication if I run trac via a web server, but I don't want to do that. I'd really like to stick to the standalone tracd if possible.
I'm not sure that tracd supports exactly what you are after, but if you revoke all permissions from "anonymous", and grant those permissions to "authenticated" instead, that may be close enough for your needs.
Could you possibly run it as a standalone listening on a local port and use another web server as a reverse-proxy with authentication? It might be possible with lighttpd or squid or even apache.
I use the AuthRequiredPlugin for this, which redirects all requests to the login page until the user has authenticated. The page says that this is for trac 0.10, but I've used it in 0.11 without problems.
The big caveat with removing anonymous WIKI_VIEW is that unauthenticated users cannot see a "landing page" (if you want instructions on how to obtain access, etc), they only see a permission error.
Set up "Fine Grained Permissions", and you can specify parts of the site to be accessible to anonymous users all the way down to restricting all access other than the WikiStart page.
