Gentoo Wiki


This article is still a Stub. You can help Gentoo-Wiki by expanding it.

Please format this article according to the guidelines and Wikification suggestions, then remove this notice {{Wikify}} from the article


What is OpenID?

OpenID is an open, decentralized, free framework for user-centric digital identity.

OpenID starts with the concept that anyone can identify themselves on the Internet the same way websites do-with a URI (also called a URL or web address). Since URIs are at the very core of Web architecture, they provide a solid foundation for user-centric identity.

The first piece of the OpenID framework is authentication -- how you prove ownership of a URI. Today, websites require usernames and passwords to login, which means that many people use the same password everywhere. With OpenID Authentication (see specs), your username is your URI, and your password (or other credentials) stays safely stored on your OpenID Provider (which you can run yourself, or use a third-party identity provider).

To login to an OpenID-enabled website (even one you've never been to before), just type your OpenID URI. The website will then redirect you to your OpenID Provider to login using whatever credentials it requires. Once authenticated, your OpenID provider will send you back to the website with the necessary credentials to log you in. By using Strong Authentication where needed, the OpenID Framework can be used for all types of transactions, both extending the use of pure single-sign-on as well as the sensitivity of data shared.


There are some python deps you will need to install for it to work with trac.

Below are the libs you will need (the last 2 are likely already packaged for the distro used).

python-yadis /

python-openid /

python-urljr /

pycrypto /

elementtree /

The libs are easy to install with python install. I will post ebuilds later.

Install the plugin for trac as any other plugin as instructed on You can install per environment or globally.


Now we need to disable the standard webauth and enable the openidauth plugin. Add the below to the projects trac.ini.

trac.web.auth.* = disabled
openidauth.* = enabled

You will also want to disable authentication in Apache. Comment the whole section that starts with

#<Location /projectname/login>

The permission structure is exactly the same as with the normal webauthentication. But remember to add a trailing / at the end of the OpenID (for example:

Trouble shooting

Currently I get a failure if I run trac under cgi but it works under mod_python. I have reported it to the author of the plugin,

Retrieved from ""

Last modified: Fri, 05 Sep 2008 20:38:00 +0000 Hits: 3,772