How to Password Protect Redmine using mod_perl, Apache and Redmine.pm – HOWTO

Posted on by

Currently I was required to password-protect some sort of Redmine setting up. I’ve commonly used mod_auth_mysql intended for similar initiatives, but Redmine relies on a salted code format that’s incompatible having mod_auth_mysql. And so, I taken on Apache/Perl authentication, a first in my opinion (When i rarely hint Perl) and could make the item work.

1.Install mod_perl, and the DBI, MySQL, and Digest (SHA1) Perl modules.

$ apt-get install libapache-dbi-perl libapache2-mod-perl2 libdbd-

2. Copy Redmine.pm to the relevant Perl location.

$ cd /path/to/redmine
$ mkdir -p /usr/lib/perl5/Apache/Authn
$ cp extra/svn/Redmine.pm /usr/lib/perl5/Apache/Authn/

3. Maybe I’m not using Redmine’s projects/members/permissions right, but I had to patch Redmine.pm to get it to function for me. I simplified the SQL statement used to auth a user. There’s no sense of permissions; it’s pretty much a yes/no for authed users.

--- Redmine.pm  2011-11-12 17:33:10.000000000 -0700
+++ Redmine.richardkmiller.pm   2011-11-12 17:37:26.000000000 -0700
@@ -148,16 +148,11 @@
   my ($self, $parms, $arg) = @_;
   $self->{RedmineDSN} = $arg;
   my $query = "SELECT
-                 hashed_password, salt, auth_source_id, permissions
-              FROM members, projects, users, roles, member_roles
+                 hashed_password, salt
+              FROM users
               WHERE
-                projects.id=members.project_id
-                AND member_roles.member_id=members.id
-                AND users.id=members.user_id
-                AND roles.id=member_roles.role_id
-                AND users.status=1
-                AND login=?
-                AND identifier=? ";
+                    users.status=1
+                AND login=?";
   $self->{RedmineQuery} = trim($query);
 }

@@ -336,11 +331,12 @@
   }
   my $query = $cfg->{RedmineQuery};
   my $sth = $dbh->prepare($query);
-  $sth->execute($redmine_user, $project_id);
+  $sth->execute($redmine_user);

   my $ret;
-  while (my ($hashed_password, $salt, $auth_source_id, $permissions) = $sth->fetchrow_array) {
-
+  while (my ($hashed_password, $salt) = $sth->fetchrow_array) {
+      my $permissions = ":commit_access";
+      my $auth_source_id = 0;
       unless ($auth_source_id) {
                my $method = $r->method;
           my $salted_password = Digest::SHA1::sha1_hex($salt.$pass_digest);

4. Configure and restart Apache.


    ServerName example.com
    DocumentRoot "/var/www/sites/example.com/public"
    RailsEnv production

    PerlLoadModule Apache::Authn::Redmine

        AuthType basic
        AuthName "Private Area"
        Require valid-user
        PerlAccessHandler Apache::Authn::Redmine::access_handler
        PerlAuthenHandler Apache::Authn::Redmine::authen_handler
        RedmineDSN "DBI:mysql:database=my_database;host=localhost"
        RedmineDbUser my_db_user
        RedmineDbPass my_db_password

Also note that, I’m running Ubuntu 11.10 (oneiric), Apache 2.2, MySQL 5.1, and Redmine 1.2.2.

random friendly ad link:
clicky
clicky
clicky
clicky
clicky
clicky

Leave a Reply

Your email address will not be published. Required fields are marked *

*

CAPTCHA Image

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>