[Mailman-Users] x.509 cert authentication for web interface?
jonc at nc.rr.com
Sat Jan 31 00:02:25 CET 2004
You'll need to dive into the code for that. Mailman is totally and
blissfully unaware of such authentications.
Good Luck - Jon Carnes
On Fri, 2004-01-30 at 16:11, Noah Meyerhans wrote:
> On Fri, Jan 30, 2004 at 03:25:24PM -0500, Jon Carnes wrote:
> > Just move the script alias inside the ssl part of your httpd.conf.
> I've already got the script alias in the SSL section of Apache's config.
> That works fine, but it's most definitely not authenticating based on
> the x509 certificate presented by the browser. It it supposed to? I
> haven't seen any indication in the documentation that leads me to
> believe it is. Please point me to whatever docs I'm missing if I am
> missing something. Or tell me where in mailman's source code I can find
> that functionality.
> In case I was not clear in my intentions: If the browser presents an
> x509 certificate that is properly signed by my Certificate Authority,
> and the email address associated with the certificate is listed in the
> admin or moderator fields in Mailman, then the user should be considered
> authenticated. At no point should they be prompted for a password.
More information about the Mailman-Users