[Mailman-Developers] Sxip and Mailman

Andy Smith andyster at gmail.com
Tue Nov 2 20:16:21 CET 2004 

Hey,

My name is Andy Smith, I'm one of the open source developers over at
Sxip Networks (https://sxip.org), and I've been charged with adding
SXIP support to Mailman, initially for our own internal uses but to be
released open source and as an add-on to Mailman.

SXIP is a protocol for digital identity (Simple eXstensible Identity
Protocol) that allows, among other things, single-sign on and secure
attribute verification (ssl signing of xml data and whatnot). It's all
open source and non-evil, too. It's fairly interesting and if you're
interested hit up the site for more info (or just ask).

I am mailing this to you folks here on the developers list for two
reasons, one, because I'd like to be giving this work over to you (the
community) once I am finished, and two, because you all know much more
about Mailman than I do in the short time I have been examining the
code and any pointers or suggestions you can give me will surely be
very helpful.

So, the goal of my work is to enable single-sign on for Mailman along
the lines of the following scenario:
( "sxip in" = sign on, just using our branding )

	- User arrives at a mailman site for the first time, and is presented
with an overview of public lists. On the page will be a sxip in button
and a paragraph informing the user that he/she will have to sxip in to
subscribe to a list or see any non-public lists that he/she might have
permission to.
	- If a user sxips in right there the overview will be updated to to
contain checkboxes and other relevant links so that a user can
subscribe to any number of lists at the same time, or if they have mod
or admin access they would see a couple other options. I'm not totally
sure at this point what these options should be.
	- If a user does not sxip in on this first page and instead clicks on
a list to see the list info, he/she will be taken to the list info
page, with a similar sxip in button and paragraph. In order to
subscribe to a list or get any further, the user will have to sxip in.
A "subscribe to this list" link will be provided but it will just
force the user to sxip in and then present them with a prompt to
confirm that they'd like to subscribe.
	- Once the user sxips in here, they will be taken back to the list
info page but with more options available, including mod or admin
links if appropriate to their authentication level.
	- A user will not need to confirm subscription via an email when
subscribing this way, because during sxip in a verified email address
(as well as first and last name) will be provided through the sxip in
process (this is one of the features of the protocol).

How I plan to do this, and please let me know if some of these things
seem totally off, I've looked through the code but I may have
misunderstood something:
	
	- Data will be stored in the same way as the other mailman data,
using pickled flat files.
    		* There will be a new file that represents all the admins and
moderators on the system keyed on listname, with values consisting of
a dictionary of keyed on user email addresses with values containing
their authorization level
    		* Note: How to handle list creator privilege? specific "site"
key in the root of the structure?
    		* It should be possible to make use of the current password
scheme involved with the cookies to associate privileges with a user
based on list in this data structure, this has the benefit of allowing
the simple overloading of the function that checks the cookie data.
See Mailman.SecurityManager for the functions used to handle passwords
and check cookies.
	- User properties will remain in the current format, as will list
info, nothing new is required there.
	- To enable sxipping out, true sessions will have to be implemented,
which could be done using code as described at
http://starship.python.net/crew/davem/cgifaq/faqw.cgi?req=show&file=faq02.011.htp,
however the code there is not fully secure and sxip out support may
not be a priority at the beginning (just let the cookie expire?).
	- There will be a new set of UI pages once the initial work is done
to allow a user to sxip in to a session
    		* A page requesting a sxip in, to be called by the various CGI
scripts when a user attempts to go somewhere that requires auth.
Overload Mailman.Cgi.Auth.loginpage
    		* List Overview will have to be overloaded to show subscription
options once sxipped in
    		* List Info will give admin and mod options when sxipped in
   		* All cgi scripts will have to be checked to be sure they
authenticate first
	- To add a new member during sxipped in subscription will overload
ApprovedAddMember in Mailman.MailList to be used automatically by
sxipping in
	- To get the lists that a user belongs to and their privileges, a
sweep of the list data will have to be performed, which is a little
bit of a performance hit, ideally this could be cached in the future
but for now I will just hope the performance isn't too drastically
poor.

Hopefully this model makes sense, I look forward to any comments or
suggestions you may have.

- Andy Smith
Army of Coding Monkeys
MSN: msn at anarkystic.com
Jabber: termie at jabber.org
http://anarkystic.com/blog

More information about the Mailman-Developers mailing list