Hi all. I'm wondering if anybody has devised a way to authenticate to
the admin/moderator interfaces in Mailman using browser certificates.
We try to use them to authenticate to web services wherever possible,
and have a fairly widely deployed PKI at my site.

It seems like this should be possible, but I really don't know python
and am not very familiar with Mailman's code. We use Apache and
mod_ssl, which means that we can make a bunch of environment variables
associated with the certificates available to Mailman. In particular,
we can find out the email address of the user. It seems like we should
be able to look for that email address in the list of admin or moderator
addresses and consider the user to be authenticated if it's there. The
web server is already doing the necessary work to verify that the
certificate is valid, so everything presented to Mailman should be

Any help would be much appreciated.


Noah Meyerhans System Administrator
MIT Computer Science and Artificial Intelligence Laboratory

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mail.python.org/pipermail/mailman-users/attachments/20040130/852c9623/attachment.pgp

Search Discussions

Discussion Posts

Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 1 of 4 | next ›
Discussion Overview
groupmailman-users @
postedJan 30, '04 at 7:03p
activeJan 30, '04 at 11:02p

2 users in discussion

Noah Meyerhans: 2 posts Jon Carnes: 2 posts



site design / logo © 2022 Grokbase