Waldbieser, Carl writes: > I would like to actually move the authentication and role > management *outside* of mailman and have the administrative > interface consume the role based information from external sources > (e.g. LDAP, CAS or SAML2 attribute release), so I am looking for a > more "pluggable" authentication and access management architecture. > > Does anything like this exist for Mailman, or is it on the roadmap? > Are there technical guidelines for how one might contribute toward > something like this?
Andrew Stuart (who replied on mailman-users to direct you here) has been working on something like that. However, there's a problem here that there seem to be a number of different use cases, which are not sufficiently well-understood to specify separate authentication and/or authorization modules that could be "adapters" for external authentication and authorization sources. There's also the problem that Mailman core itself (the user and list manager, and mail distribution functionality) doesn't really have any authentication at all. The Postorius front-end uses an external authentication mechanism (Mozilla Persona) but the authorization information is kept in Mailman core. So we need requirements and specifications. For your purposes, you might look at Andrew's work; much of it might be adaptable to your needs. _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9