Public bug reported:
For a good, working Mailman 3.0 UI we have to handle the passwords for each user (needed when they subscribe/unsubscribe/want to access their settings page but also for the admins and listowners). Hence, we need to implement the possibility to check for passwords in the rest-client (I believe these are saved in the user table in the core DB) and/or a login function. We should probably use https for the psw authentication.
** Affects: mailman Importance: Undecided Status: New
** Tags: mailman3 rest-api
Or well, we need to implement this functionality to the rest-server to be able to implement it in the rest-client.
On Thu, Jul 01, 2010 at 07:33:47PM -0000, Anna wrote:
We should probably use https for the psw authentication.
*ouch*. I'd really prefer that to be something configurable. I don't particularly want to run lists stuff over SSL.
Hm, you might be right... I was just worried about security when sending the password between the rest-client and the server. Making it configurable would also be nice for debugging.
*** This bug is a duplicate of bug 867459 *** https://bugs.launchpad.net/bugs/867459
Even though this bug came first, I'm marking it as a duplicate of the later bug. Sorry about that.
I think the approach outlined in the duplicate should work for Postorius (the web ui).
** This bug has been marked a duplicate of bug 867459 REST API: Implement a simple way to check user credentials