[Mailman-Users] Pluggable authentication for Mailman web interface?

Mark Sapiro mark at msapiro.net
Sun Aug 30 02:02:51 CEST 2015

On 08/26/2015 01:08 PM, Waldbieser, Carl wrote:
> Are there any guidelines for adding authentication and /or authorization mechanisms to the Mailman web user interface?
> Specifically, I was wondering if there is any kind of guidance for authenticating the user via an HTTP header (e.g. HTTP_REMOTE_USER) so that an authenticating reverse proxy could be placed in front of the Mailman web interface.

There is no such for Mailman 2.1. I *think* the authentication mechanism
for MM 3 is pluggable, but you should join and ask on
mailman-developers at python.org for a more definitive answer.

> If there is no such built-in mechanism or pluggable mechanism, is there any kind of guidance on how the existing authentication mechanism might be replaced from a technical standpoint?

In MM 2.1, all the work is done by the Mailman/SecurityManager.py
module. You should be able to tweak that to suit your needs.

Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list