My site (University of Washington) has a central authentication domain, and we like to use it for everything. I have hacked up 2.1b2 to support external authentication, meaning that your site-wide (UW) login ID is attached to your Mailman email addresses, and once authenticated by our web login you're authorized to deal with those emails.
We're getting set to use Mailman for a bunch of lists, like seriously several thousand. List membership varies, some are all UW (course mailing lists), some have hardly any UW members. Non-UW members will not be affected, they'll use the existing password system. UW members can use the password system too (so far, anyway), but they will normally (we hope) use their UW web login authentication. That's a cookie based central system, http://www.washington.edu/computing/pubcookie/ I process the potential UW login prior to WebAuthenticate(), and if it works, I can get per list email addresses for that ID, pick the right one for the page in question, if any, and authorize. Or if not, go on to WebAuthenticate() for the email and password. If authenticated by ID, I fill in the blanks in the listinfo page. I have it roughly working, can't tell if anyone but me has really even tried it yet. So it's real early in the development cycle. I can certainly release the code, but at this point it's more like a bunch of hacks to support our environment, than a solution to the general problem. Is there anyone else out there who is doing this kind of thing, or contemplating it? The changes are primarily in Cgi/*.py, plus a couple of policy refinements in MailList.py, and of course a module to handle all the new stuff and the external database that holds the list/email data for an ID. The database in particular is just a stop-gap implementation. Donn Cave, University Computing Services, University of Washington [EMAIL PROTECTED] _______________________________________________ Mailman-Developers mailing list [EMAIL PROTECTED] http://mail.python.org/mailman-21/listinfo/mailman-developers
