[Mailman-Users] [Mailman-Developers] openID enabled mailman

Malveeka Tewari malveeka at gmail.com
Sat Jun 13 12:43:26 CEST 2009 

Hi Stephen

Thanks for your reply.
W want to implement the OpenID Provider for the mailman set up we are
running on our servers.
The idea is to use OpenID with mailman to provide single sign on for our
other user accounts like our wiki etc.
Our focus is on providing Single Sign On but we do not want to delegate
authentication to a third party. Hence we want to implement OpenID provider
for our Mailman service. and OpenID relying party for our wiki etc.

Now for the OpenID provider we may choose to have new passwords or use the
mailman passwords. For ease of users, we want to use the mailman passwords
for the OpenID provider.

I hope I have conveyed what I am trying to do. I will be thankful for any
suggestions

Thanks
Malveeka

On Sat, Jun 13, 2009 at 12:03 PM, Stephen J. Turnbull <stephen at xemacs.org>wrote:

> Malveeka Tewari writes:
>
>  > 2. Sign in with existing openID login for your subscription
>  >
>  > *1. Enable/Disable openID login for your subscription* *account*
>  > For enabling and diabling the openID feature, the users login their
>  > subscribed accounts as they do now for changing any of the subcription
>  > options.
>  > On this page if they enable the openID feature, they recieve an
> automated
>  > reply with their openID identifier.
>  >
>  > The password for the openID identifier is the same as that for the
>  > subscription accounts. If they change their subscription passwords,
> their
>  > openID password gets changed too.
>
> I don't understand what you're trying to do.  The whole point of open
> ID is delegating authorization to a third party.  If you want, you can
> provide that service as well, but once you've enabled OpenID, you
> shouldn't need a password for Mailman.  In fact, the Mailman password
> should be disabled, as it is certainly less secure than OpenID at this
> point in time.
>
>  > I want to know if there's already an openID enabled version of
>  > mailman available
>
> The OpenID project has OpenID-enabled Mailman lists, but according to
> Brad Knowles in the process of adapting Mailman to OpenID they broke a
> lot of other features, and integrating their changes is non-trivial.
>

More information about the Mailman-Users mailing list