[Mailman-Users] Using mailman usernames and passwords as apache2auth

The Doctor What list.mailman at docwhat.gerf.org
Sat Oct 1 21:17:18 CEST 2005


* Mark Sapiro (msapiro at value.net) [051001 13:33]:
> The Doctor What wrote:
> >
> >Is there a way to have apache2 Auth* directives query username and
> >password from mailman?
> >
> >I was imagining something like:
> >
> ><Location /foo>
> >   AuthType Basic
> >   AuthName "Some service"
> >   AuthMailManList FooList
> >   require valid-user
> ></Location>
> 
> 
> I doubt it is that simple, but I don't know very much about Apache.
> 
> >  but
> >  mailman *has* all this code and the database of users is nearly
> >  the same, if not the same.  So why write duplicate code to
> >  duplicate the data!
> 
> The MailList object has an attribute 'passwords' which is a dictionary
> with member's e-mail address as key and plain text password as data,
> or given any membership database, the MemberAdaptor has a
> getMemberPassword(member) method which returns the password for member.

Well, I thought about writing a mod_python plugin to do the security
for me, but the mailman db isn't quite fast enough on my poor server
(it's very old).  So I'm going to try using mod_authpostgresql.

I found the stuff you mentioned, and have it pulling out passwords
for lists.  So, I'm going to write a cron job to insert and update
some tables in postgres, then use them with mod-authpostgresql.  I
can then put an interface onto the DB and allow the listadmin to
turn on and off SVN write access and the TRAC permissions.

Thanks for your help.  If anyone has a better solution, I'd love to
hear it.

Ciao!



More information about the Mailman-Users mailing list