* Mailman 3 allows you to assign administrative privileges to individual users who may log in with their own credentials.
* Mailman 3 is composed of several separate projects that work together to form a coherent system.
* The Postorius component is the Django-based web UI component for Mailman 3.
* Because it is Django based, the authentication scheme for Postorious can be customized by configuring the appropriate Django authentication middleware (e.g. REMOTE_USER ).
* The Mailman REST API provides you with superuser-like access to Mailman, and should only be used to integrate trusted apps.
* Mailmania can be used to provide external access to the RESTful API. Requests are are authenticated, and the typical access controls are enforced.
It seems to me that if I have an authentication mechanism that supports exporting the authenticated user via REMOTE_USER into the web server environment, then I could use that mechanism with Django + Postorius.
I'm assuming Mailmania relies on presenting a username and password directly to the Mailman REST API to authenticate? Or would it also have some mechanism to let you customize the authentication mechanism?
ITS Systems Programmer
----- Original Message -----
From: "Andrew Stuart" <email@example.com>
To: "waldbiec" <firstname.lastname@example.org>
Cc: "mailman-developers" <email@example.com>
Sent: Tuesday, September 1, 2015 9:58:32 PM
Subject: Re: [Mailman-Developers] User-centric authentication and access control
Postorius is a Django app that talks directly to the Mailman 3 REST API and integrates everything needed to get the job done including user interface, authentication and authorization.
If you wanted to write a user interface for Mailman using ReactJS or AngularJS then you?d probably want it to talk to Mailmania.
If you want to actually have a working interface to Mailman 3 then you need Postorius as no-one has written any user interface code for Mailmania.