[Mailman-Developers] LDAP auth

[Lennon Day-Reynolds]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Nov 6, 2006, at 9:35 AM, Anne Ramey wrote:
> Forgive me if this has already been discussed, but I couldn't find  
> it in
> the archives.  I'm interested in replacing the logon screen for the  
> list
> with one that asks for the email address and password for the user,
> checks if they are an owner or moderator, then if so, checks to see if
> they can bind successfully to the given ldap, and if so, logs them in
> with their owner or moderator permissions.  Has anyone implemented or
> worked on anything like this?

In general, there is no "official" way to do this sort of centralized  
authentication. I did some work on our local install of Mailman to  
allow regular network login for list moderation and administration,  
but it is dependent on both our Single-Sign-On system (Cosign) and  
particular LDAP setup.

I have spoken with people at a number of other institutions that were  
interested in similar single-sign-on support for the Mailman web  
interface, and there has been extensive discussion on the -developers  
list about making it a part of the Mailman core. However, it's  
unlikely they will be making any changes that significant until after  
Mailman 2.2, which is the next planned major release.

Basically, the answer right now is "roll your own," though I might be  
able to dig through our patches and find some starting points if you  
were going to begin work towards such a goal.

Hope that helps,

Lennon Day-Reynolds
System Support Specialist
Reed College
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFFW0lyRtirLnfvQskRAuSdAJ4ve7RLG2SjAIdW/jT7FPhCJxOa7gCeKBqM
jXvghoSRhwnRbrhvsoa/Qqo=
=ee9V
-----END PGP SIGNATURE-----