On 08/26/2015 01:08 PM, Waldbieser, Carl wrote:
Are there any guidelines for adding authentication and /or authorization mechanisms to the Mailman web user interface? Specifically, I was wondering if there is any kind of guidance for authenticating the user via an HTTP header (e.g. HTTP_REMOTE_USER) so that an authenticating reverse proxy could be placed in front of the Mailman web interface.
There is no such for Mailman 2.1. I *think* the authentication mechanism for MM 3 is pluggable, but you should join and ask on mailman-developers@python.org for a more definitive answer.
If there is no such built-in mechanism or pluggable mechanism, is there any kind of guidance on how the existing authentication mechanism might be replaced from a technical standpoint?
In MM 2.1, all the work is done by the Mailman/SecurityManager.py module. You should be able to tweak that to suit your needs.
-- Mark Sapiro mark@msapiro.net The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan