Dear Mailman Developers, we had a nice discussion this afternoon (13:00 - 15:00) UTC about this topic. I've written a small blogposts about the results which will be implemented in near future. http://benste.blogspot.com/2011/07/discussion-on-acls-using-mailman30-and.html
Key aspects: Decided to use a Proxy which: * is responsible for exposing the user roles * using it's own DB * customizable to querry others - e.g. Launchpad * needs to be authenticated at the Core using REST-API (might get https) * similar API to REST, but requiring a username to each request * each request will be handled based on username is already authenticated - e.g in a web-session * will be able to raise HTTP401 (access denied) if user is not allowed to do this action / get this option * might authenticate users based on a request(user;pswd) Python Bindings for REST will be able to use both either Proxyed REST or direct access to Rest depending on wheter the UI decides to use it with a User object. direct REST-API Calls will only be able on localhost -- Einen schönen Tag wünscht: Benedict Stein
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9