[Mailman-Developers] any interest in a new built-in web-archive? (i.e. pipermail replacement)
Terri Oda
terri at zone12.com
Tue Mar 27 21:29:06 CEST 2012
On 03/26/2012 11:37 PM, David Jeske wrote:
> CSLA doesn't currently have any concept server-auth. The only stateful
> features it has are view-preferences and read-state, neither of which are
> important enough to require a password. It uses a password-less system
> which uses cookies for prefs and a 'read state userid' which a user can
> manually set if they want. I like it, because it doesn't require login to
> get some basic browsing prefs and features.
>
> Hooking up an auth system would be necessary for some of the editing ideas
> in the document I read, or to allow online posting.
So Postorius (the webUI) has a sketch of an auth system using BrowserID
at the moment. BrowserID is convenient 'cause it proves you have
ownership of a given email address, but we should have OpenID working
soon once we've got the code to confirm that a given OpenID can be
associated with an email address.
We should do a little thinking about how to make sure that the archives
system can make use of the webui authentication. In theory, you could
just use the same browserID/etc. and perform authentication again to
provide a single sign on with the same tokens, but we can probably do
something nicer by sharing the webui django accounts.
Terri
More information about the Mailman-Developers
mailing list