On Tue, Sep 01, 2015 at 11:15:47AM -0400, Waldbieser, Carl wrote: > I know that currently, mailman roles are set up such that the roles > themselves have a shared password per role. I want to be able to move away > from that model and have roles assigned to individual user accounts that > would allow access to the admin interfaces for individual lists. > > For example, say we have mail lists "Campus" and "Board of Trustees". I > might have roles "campus_moderators", "campus_admins", > "boardoftrustees_moderators", and "boardoftrustees_admins". > If I assign the role campus_admins to user "johnsmith", I would like this > user to be able to access the mailman admin interface for the "Campus" list > using his own credentials. Ideally, "johnsmith" would not have to present > his primary credentials to the mailman interface because our institution has > a web single sign-on infrastructure (Web SSO). > > I would like to actually move the authentication and role management > *outside* of mailman and have the administrative interface consume the role > based information from external sources (e.g. LDAP, CAS or SAML2 attribute > release), so I am looking for a more "pluggable" authentication and access > management architecture. > > Does anything like this exist for Mailman, or is it on the roadmap? Are > there technical guidelines for how one might contribute toward something like > this?
Are you using Mailman version 2 or 3? From your mail mentioning single moderator password, I suspect version 2. In postorius (Mailman 3) you can add moderators and owners, these will have access to the administrative options. About LDAP: You just have to add another authentication mechanism in django. You will just need to provide an email address for every user.
signature.asc
Description: PGP signature
_______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
