Hi Stephen
Thanks for your reply. W want to implement the OpenID Provider for the mailman set up we are running on our servers. The idea is to use OpenID with mailman to provide single sign on for our other user accounts like our wiki etc. Our focus is on providing Single Sign On but we do not want to delegate authentication to a third party. Hence we want to implement OpenID provider for our Mailman service. and OpenID relying party for our wiki etc.
Now for the OpenID provider we may choose to have new passwords or use the mailman passwords. For ease of users, we want to use the mailman passwords for the OpenID provider.
I hope I have conveyed what I am trying to do. I will be thankful for any suggestions
Thanks Malveeka
On Sat, Jun 13, 2009 at 12:03 PM, Stephen J. Turnbull <stephen@xemacs.org>wrote:
Malveeka Tewari writes:
- Sign in with existing openID login for your subscription
*1. Enable/Disable openID login for your subscription* *account* For enabling and diabling the openID feature, the users login their subscribed accounts as they do now for changing any of the subcription options. On this page if they enable the openID feature, they recieve an automated reply with their openID identifier.
The password for the openID identifier is the same as that for the subscription accounts. If they change their subscription passwords, their openID password gets changed too.
I don't understand what you're trying to do. The whole point of open ID is delegating authorization to a third party. If you want, you can provide that service as well, but once you've enabled OpenID, you shouldn't need a password for Mailman. In fact, the Mailman password should be disabled, as it is certainly less secure than OpenID at this point in time.
I want to know if there's already an openID enabled version of mailman available
The OpenID project has OpenID-enabled Mailman lists, but according to Brad Knowles in the process of adapting Mailman to OpenID they broke a lot of other features, and integrating their changes is non-trivial.