[Mailman-Developers] Integrating Mailman with a single sign-on service

[emf]

Alisdair Tullo wrote:

> 2. Cosign gives a username in REMOTE_USER in each HTTP request. My intent 
> is to get users to sign up by entering this username and an email address, 
> then the web interface for Mailman would take the value of REMOTE_USER and 
> map it to the email address. Which area of the source should I be looking 
> at?

Right now that's pretty hard-coded. I'm working to improve the web 
interface.

For a number of reasons, I'm going to switch from the cookie auth to 
standard (digest) auth. I intend to implement a handler that will accept 
REMOTE_USER as authoritative; however, my implementation will expect 
REMOTE_USER to be an email address.

So, minimally what you'd need to do is provide a bit of code that does 
the user/email address mapping, and it would hook into my authentication 
handler.

I'll check in some code that at least does this stuff by wendesday.

We're going to go further down the road to supporting abstract users (as 
opposed to list members) for MM 3.0, so you probably won't have to 
support that bit of code for long.

> 3. Would someone familiar with the Mailman web interface be willing to 
> help further and answer more detailed questions as I progress?

Yes. I am knee deep in it now, and misery loves company :)

~ethan fremen

p.s. my kvetches about the existing interface shouldn't be taken as a 
diss to those who implemented it; for the time it was pretty forward 
thinking.