[Mailman-Developers] ACL,security - how we'll implement it

Benedict Stein benedict.stein at googlemail.com
Thu Jul 21 17:42:09 CEST 2011

Dear Mailman Developers,

we had a nice discussion this afternoon (13:00 - 15:00) UTC about this
I've written a small blogposts about the results which will be
implemented in near future.

Key aspects:

Decided to use a Proxy which:

      * is responsible for exposing the user roles
              * using it's own DB
              * customizable to querry others - e.g. Launchpad
      * needs to be authenticated at the Core using REST-API (might get
      * similar API to REST, but requiring a username to each request
      * each request will be handled based on username is already
        authenticated - e.g in a web-session
      * will be able to raise HTTP401 (access denied) if user is not
        allowed to do this action / get this option
      * might authenticate users based on a request(user;pswd)
        Python Bindings for REST will be able to use both either Proxyed
        REST or direct access to Rest depending on wheter the UI decides
        to use it with a User object.
        direct REST-API Calls will only be able on localhost


Einen schönen Tag wünscht:
Benedict Stein

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://mail.python.org/pipermail/mailman-developers/attachments/20110721/69edfe0d/attachment.pgp>

More information about the Mailman-Developers mailing list