Hello
I'm stuck on a configuration issue and i'm not able to find any documentation about it

i'm in a rather simple scenario: I have a web site (Trac) on a debian server which optionally requires user authentication.
Since high security on this machine is not really an issue (but ease of managing is) I'd like the users to log in with the same user/pass they use to authenticate onto the server, so avoiding the need to manually mantain an htpasswd file etc

Is there a way to achieve this?
if the burden goes beyond managing an htpasswd file i'll probably have stick with that, but any solution is well appreciated

Maybe see http://www.unixpapa.com/mod_auth_external.html and http://sourceforge.net/projects/mod-auth-shadow/. If you use 'em please read the "security considerations" part. Increase your mana additionally by pondering the reasons for applications to *not* require /etc/shadow access but use the "virtual user" concept instead.

Thank you very much, mod-auth-shadow was exactly what I was looking for
(I see mod-auth-external reaches the same goals with more flexibility but with options I don't need)

it's already working
thanks again and Happy New Year

yep, i did
the fact is this is an internal lan server that almost only serves as svn repository and trac. having to manage different auths for shell/svn/trac etc really goes beyond the added risk of having www-data access the shadow pw file

btw since currently there isn't a main deb package for mod_auth_shadow, I found out that you can achieve the same result using mod_auth_pam and pointing to /etc/shadow as AuthUserFile

thanks again for your suggestions