Michele Federle wrote: >I've done it, but now there is a problem!!! In the options-page appears an >error: > >Bug in Mailman version 2.1.13 >We're sorry, we hit a bug!
You have made a mistake in modifying options.py. There will be an entry in Mailman's 'error' log from the above including a traceback and a Python error. If you can't figure out your mistake, post the traceback and error and your modified code. I suggest you copy/paste the code fragment directly from <http://mail.python.org/pipermail/mailman-users/2012-January/072811.html>. >2012/1/27 Mark Sapiro <m...@msapiro.net> >> >> If you really mean you would like an authentication failure from the >> options login page to return the list's listinfo page with an error >> message, that would be difficult to do because the listinfo page >> doesn't have a mechanism for reporting errors when invoked with an >> HTTP GET. And why would you want to take the user away from the login >> page just because of a simple typo in email address or password? > > >Just because I modified the html and I have both email and password inputs >for login in the listinfo page :) >So it would be better if users don't see the login form on the options-page, >it doesn't suit with the rest!! OK, but the web UI wasn't designed to work that way, so it's not easy to do. >>If you just want to replace the "Authentication failed." error message >> with something more specific, you could do that, but you would have to >> modify the code to first validate the member address, because the >> existing code calls the SecurityManager WebAuthenticate() method to >> authenticate the entry and it's context (list member, list owner, site >> owner) and receives onle a True or False return. > > >Oh, such a shame!! And make a simple redirect in case of login-error?? If you want to have an options login failure go back to the listinfo page, you can make a similar modification to this code: if cgidata.has_key('password'): doc.addError(_('Authentication failed.')) # So as not to allow membership leakage, prompt for the email # address and the password here. if mlist.private_roster <> 0: syslog('mischief', 'Login failure with private rosters: %s', user) user = None # give an HTTP 401 for authentication failure print 'Status: 401 Unauthorized' loginpage(mlist, doc, user, language) print doc.Format() return changing it to something like: if cgidata.has_key('password'): doc.addError(_('Authentication failed.')) # So as not to allow membership leakage, prompt for the email # address and the password here. if mlist.private_roster <> 0: syslog('mischief', 'Login failure with private rosters: %s', user) user = None listinfo_url = '%slistinfo%s/%s' % (mlist.web_page_url, mm_cfg.CGIEXT, mlist.internal_name(), ) print """Status: 303 See Other Location: %s If you see this, <a href=%s>Click to redirect</a>. """ % (listinfo_url, listinfo_url) return -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
