Thank you Mark, it works marvellously !!! Thousand thanks again!! 2012/1/27 Mark Sapiro <m...@msapiro.net>
> Michele Federle wrote: > > >I've done it, but now there is a problem!!! In the options-page appears an > >error: > > > >Bug in Mailman version 2.1.13 > >We're sorry, we hit a bug! > > > You have made a mistake in modifying options.py. There will be an entry > in Mailman's 'error' log from the above including a traceback and a > Python error. > > If you can't figure out your mistake, post the traceback and error and > your modified code. > > I suggest you copy/paste the code fragment directly from > <http://mail.python.org/pipermail/mailman-users/2012-January/072811.html>. > > > >2012/1/27 Mark Sapiro <m...@msapiro.net> > >> > >> If you really mean you would like an authentication failure from the > >> options login page to return the list's listinfo page with an error > >> message, that would be difficult to do because the listinfo page > >> doesn't have a mechanism for reporting errors when invoked with an > >> HTTP GET. And why would you want to take the user away from the login > >> page just because of a simple typo in email address or password? > > > > > >Just because I modified the html and I have both email and password inputs > >for login in the listinfo page :) > >So it would be better if users don't see the login form on the > options-page, > >it doesn't suit with the rest!! > > > OK, but the web UI wasn't designed to work that way, so it's not easy > to do. > > > >>If you just want to replace the "Authentication failed." error message > >> with something more specific, you could do that, but you would have to > >> modify the code to first validate the member address, because the > >> existing code calls the SecurityManager WebAuthenticate() method to > >> authenticate the entry and it's context (list member, list owner, site > >> owner) and receives onle a True or False return. > > > > > >Oh, such a shame!! And make a simple redirect in case of login-error?? > > > If you want to have an options login failure go back to the listinfo > page, you can make a similar modification to this code: > > if cgidata.has_key('password'): > doc.addError(_('Authentication failed.')) > # So as not to allow membership leakage, prompt for the > email > # address and the password here. > if mlist.private_roster <> 0: > syslog('mischief', > 'Login failure with private rosters: %s', > user) > user = None > # give an HTTP 401 for authentication failure > print 'Status: 401 Unauthorized' > loginpage(mlist, doc, user, language) > print doc.Format() > return > > changing it to something like: > > if cgidata.has_key('password'): > doc.addError(_('Authentication failed.')) > # So as not to allow membership leakage, prompt for the > email > # address and the password here. > if mlist.private_roster <> 0: > syslog('mischief', > 'Login failure with private rosters: %s', > user) > user = None > listinfo_url = '%slistinfo%s/%s' % (mlist.web_page_url, > mm_cfg.CGIEXT, > mlist.internal_name(), > ) > print """Status: 303 See Other > Location: %s > > If you see this, <a href=%s>Click to redirect</a>. > """ % (listinfo_url, listinfo_url) > return > > > -- > Mark Sapiro <m...@msapiro.net> The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > > -- :: Michele Federle :: Twitter: @mikecesure :: Skype: mikecesure ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
