[Mailman-Developers] Using pre-existing passwords along with mailman passwords?

Jerry Stratton jerry@sandiego.edu
Fri, 26 Oct 2001 08:32:29 -0700

I posted this to the users group, and they suggested I post it here; 
I've looked into what might need to be done, and it looks like it 
will be a lot easier for list members than for list administrators; 
since list members have 'usernames' (their e-mail address), but list 
administrators just have their password?

Is there a best place to apply such a patch?

At our University, we use a special username/password (called a 
"UNet" account) for all web-related items. We can match the UNet 
username directly to the user's University e-mail address.

I would like to use this username/password for all list members and 
list owners who have a UNet account, but fall through to the 
mailman-generated password for those who do not. We do not have 
access to the actual password--it is stored only as a Unix hash so we 
can't simply insert it into the mailman password database (and we 
wouldn't want to send it out via e-mail on a monthly basis in any 
case). Has anyone else implemented something like this?

What I'm looking at as a possibility is setting up an Apache 
=2Ehtaccess file so that all of the mailman directories are password 
protected, but allow guest access (Apache has a special module that 
will do this). If a user logs in using their UNet account, map it to 
their e-mail address and bypass mailman's login process. If the user 
logs in as a guest, do not bypass mailman's login process.

Has anyone already done this? If so, are there already any 
instructions somewhere for how to do this? Any foreseeable problems 
with this method?

The more restrictions there are, the poorer the people become. The 
greater the government=B9s power, the more chaotic the nation would 
become. The more the ruler imposes laws and prohibitions on his 
people, the more frequently evil deeds would occur.
--The Silence of the Wise: The Sayings of Lao Zi