Integrating Mailman with a single sign-on service
Hi,
Here at the University of Edinburgh we have a single sign-on service based on Cosign ( http://www.umich.edu/~umweb/software/cosign/ ). I've selected Mailman as the mailing list software for a project I'm working on, and I'd like to integrate it with Cosign if possible.
I have a few questions about Mailman, if someone familiar with the code can answer them I'd be very grateful.
Is there a top-level design document for Mailman?
Cosign gives a username in REMOTE_USER in each HTTP request. My intent is to get users to sign up by entering this username and an email address, then the web interface for Mailman would take the value of REMOTE_USER and map it to the email address. Which area of the source should I be looking at?
Would someone familiar with the Mailman web interface be willing to help further and answer more detailed questions as I progress?
I've spent some time already looking through the source, but as you can appreciate it's tricky working out where to get started.
Cheers,
Alisdair
| Alisdair Tullo :: - epcc - :: alisdair@epcc.ed.ac.uk | | University of Edinburgh :: JCMB 3309 :: 0131 650 5023 |
At 10:53 AM +0100 2006-07-17, Alisdair Tullo wrote:
I have a few questions about Mailman, if someone familiar with the code can answer them I'd be very grateful.
Speaking as one of the list co-moderators, we normally try to keep the "questions" type stuff on the mailman-users mailing list, where you will find many of the Mailman developers are also subscribed.
This particular message seemed to be kind of borderline for me, so I went ahead and approved it in the hope that we would get into discussion of Python modifications you're making or would like to make to support your requirements.
Other than that, I'm usually more of an observer on this list, and I'm afraid I don't have any answers for you. I'll let someone else that is more knowledgeable about the code try to address your questions.
-- Brad Knowles <brad@python.org> Member of the Python.org Postmaster Team Co-moderator of mailman-users and mailman-developers mailing lists
Alisdair Tullo wrote:
Here at the University of Edinburgh we have a single sign-on service based on Cosign ( http://www.umich.edu/~umweb/software/cosign/ ). I've selected Mailman as the mailing list software for a project I'm working on, and I'd like to integrate it with Cosign if possible.
I have a few questions about Mailman, if someone familiar with the code can answer them I'd be very grateful.
- Is there a top-level design document for Mailman?
No. There is a description of message flow through Mailman in comments at the beginning of Mailman/Queue/IncomingRunner.py, but that's about it.
- Cosign gives a username in REMOTE_USER in each HTTP request. My intent is to get users to sign up by entering this username and an email address, then the web interface for Mailman would take the value of REMOTE_USER and map it to the email address. Which area of the source should I be looking at?
The Mailman web interface is entirely (with the exception of public archives which link directly to static html pages) supported by a set of CGI modules. These are accessed via wrappers, but the actual work is done in the various python modules in Mailman/Cgi/. These modules, with the exception of Auth.py which generates the Admin/Moderator login page, have a one to one correspondence with the URIs that access them. E.g. http://www.example.com/mailman/admin/... is processed by admin.py and so forth.
- Would someone familiar with the Mailman web interface be willing to help further and answer more detailed questions as I progress?
You can post your questions to this list, and I and others will do our best to answer.
-- Mark Sapiro <msapiro@value.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Alisdair,
I have done Webauth using Stanford WebAuth (http://webauth.stanford.edu) for Mailman package.
Basically users can signup using any form of valid @stanford.edu address, and I use Stanford Directory to map the name to a user's id. This information is kept in the mailman mailing list's pickle db, as an additional dictionary field. Python codes under /usr/lib/mailman/Mailman/Cgi are changed so that if a person use @stanford.edu address, they are redirected to webauthed page for suoptions, surosters, admin, suprivate archives etc.
I can make the patches (40+) or the Mailman Debian package that has Stanford webauth patches, and local configurations available if any one is insterested. It won't work for others as is, but at least you can take a look at one of the ways to do webauth integration.
I am new to the list and am not sure what's the best way to share this, but you can always contact me in person.
Xueshan
Xueshan Feng (aka. Susan Feng)
Shared Services, ITSS Stanford University, CA 94305-3090
255 Panama St. Room 157, Polya Hall Stanford University Stanford, CA 94305-4136
On Mon, 2006-07-17 at 10:27 -0700, Mark Sapiro wrote:
Alisdair Tullo wrote:
Here at the University of Edinburgh we have a single sign-on service based on Cosign ( http://www.umich.edu/~umweb/software/cosign/ ). I've selected Mailman as the mailing list software for a project I'm working on, and I'd like to integrate it with Cosign if possible.
I have a few questions about Mailman, if someone familiar with the code can answer them I'd be very grateful.
- Is there a top-level design document for Mailman?
No. There is a description of message flow through Mailman in comments at the beginning of Mailman/Queue/IncomingRunner.py, but that's about it.
- Cosign gives a username in REMOTE_USER in each HTTP request. My intent is to get users to sign up by entering this username and an email address, then the web interface for Mailman would take the value of REMOTE_USER and map it to the email address. Which area of the source should I be looking at?
The Mailman web interface is entirely (with the exception of public archives which link directly to static html pages) supported by a set of CGI modules. These are accessed via wrappers, but the actual work is done in the various python modules in Mailman/Cgi/. These modules, with the exception of Auth.py which generates the Admin/Moderator login page, have a one to one correspondence with the URIs that access them. E.g. http://www.example.com/mailman/admin/... is processed by admin.py and so forth.
- Would someone familiar with the Mailman web interface be willing to help further and answer more detailed questions as I progress?
You can post your questions to this list, and I and others will do our best to answer.
Alisdair Tullo wrote:
- Cosign gives a username in REMOTE_USER in each HTTP request. My intent is to get users to sign up by entering this username and an email address, then the web interface for Mailman would take the value of REMOTE_USER and map it to the email address. Which area of the source should I be looking at?
Right now that's pretty hard-coded. I'm working to improve the web interface.
For a number of reasons, I'm going to switch from the cookie auth to standard (digest) auth. I intend to implement a handler that will accept REMOTE_USER as authoritative; however, my implementation will expect REMOTE_USER to be an email address.
So, minimally what you'd need to do is provide a bit of code that does the user/email address mapping, and it would hook into my authentication handler.
I'll check in some code that at least does this stuff by wendesday.
We're going to go further down the road to supporting abstract users (as opposed to list members) for MM 3.0, so you probably won't have to support that bit of code for long.
- Would someone familiar with the Mailman web interface be willing to help further and answer more detailed questions as I progress?
Yes. I am knee deep in it now, and misery loves company :)
~ethan fremen
p.s. my kvetches about the existing interface shouldn't be taken as a diss to those who implemented it; for the time it was pretty forward thinking.
participants (5)
-
Alisdair Tullo -
Brad Knowles -
emf -
Mark Sapiro -
Xueshan Feng