[Mailman-Developers] Using pre-existing passwords along with mailman passwords?

Donal Hunt donal.hunt2@mail.dcu.ie
Sun, 28 Oct 2001 12:40:54 +0000


I wrote some patches for Mailman 2.0.2 that do roughly what you want,
though they still need some tidying up.  I was using LDAP to
authenticate users in my university, and falling back to Mailman
subscriber info (python marshals) if it was a non-local user.

The 2 main places to hook into (from memory) are SecurityManager.py and
another module.  I'm hoping to release an alpha of Mailman 2.0.2 with
LDAP authentication in the next 2 weeks (Mailman-LDAP), and an
authenticator module for Mailman 2.1 by next year.

Are your UNet accounts stored in LDAP or NDS by any chance?? Cos that
makes things nice and easy...

Give us a shout if there's anything I can help with.

Donal Hunt
Dublin City University

mailman-developers-request@python.org wrote:
> Message: 3
> Date: Fri, 26 Oct 2001 08:32:29 -0700
> To: mailman-developers@python.org
> From: Jerry Stratton <jerry@sandiego.edu>
> Subject: [Mailman-Developers] Using pre-existing passwords along with mailman passwords?
> I posted this to the users group, and they suggested I post it here;
> I've looked into what might need to be done, and it looks like it
> will be a lot easier for list members than for list administrators;
> since list members have 'usernames' (their e-mail address), but list
> administrators just have their password?
> Is there a best place to apply such a patch?
> At our University, we use a special username/password (called a
> "UNet" account) for all web-related items. We can match the UNet
> username directly to the user's University e-mail address.
> I would like to use this username/password for all list members and
> list owners who have a UNet account, but fall through to the
> mailman-generated password for those who do not. We do not have
> access to the actual password--it is stored only as a Unix hash so we
> can't simply insert it into the mailman password database (and we
> wouldn't want to send it out via e-mail on a monthly basis in any
> case). Has anyone else implemented something like this?
> What I'm looking at as a possibility is setting up an Apache
> =2Ehtaccess file so that all of the mailman directories are password
> protected, but allow guest access (Apache has a special module that
> will do this). If a user logs in using their UNet account, map it to
> their e-mail address and bypass mailman's login process. If the user
> logs in as a guest, do not bypass mailman's login process.
> Has anyone already done this? If so, are there already any
> instructions somewhere for how to do this? Any foreseeable problems
> with this method?
> Jerry
> --
> jerry@sandiego.edu
> http://www.sandiego.edu/~jerry/
> --
> The more restrictions there are, the poorer the people become. The
> greater the government=B9s power, the more chaotic the nation would
> become. The more the ruler imposes laws and prohibitions on his
> people, the more frequently evil deeds would occur.
> --The Silence of the Wise: The Sayings of Lao Zi