[Barry A. Warsaw]
> Second, it sounds like you want to perhaps have a Mailman hook for
> authenticating users. Would it be enough to design an API that
> Mailman would call, given an email address (future: login name)
Just a quick note: I think that when we add "user accounts" (which I
think is what previously has been referred to as "user objects"),
there shouldn't necessarily be any single "login name" associated with
this account. Any of the email addresses that Mailman (in som way)
verifies as belonging to the same user object should be able to work
as login names.
Remembering what Mailman login name you have on various servers could
become just as much a PITA as remembering all those different
> and a password, and ask if they matched?
First of all: I admit to not understanding the issues around the
various authentication schemes implemented (more or less natively) in
various web servers as well as I could. Be gentle.
>From Paul Hebble's Kerberos patch, I thought that given a kerberized
web server, the web server itself will do all the (site-specific)
authentication without really needing to consult Mailman at all. The
problem, then, is to create a clean interface between Mailman and
kerberized/other webserver-based authentication methods.
Whether any of this is at all relevant to John's situation is _way_ to
complex for me to say anything about (yet) :)
Are there any web gurus out there who have the pointers (or
explanations) that could make all of this a bit clearer to me?