[Mailman-Developers] ACL,security - how we'll implement it
Benedict Stein
benedict.stein at googlemail.com
Thu Jul 21 17:42:09 CEST 2011
Dear Mailman Developers,
We had a nice discussion this afternoon (13:00 - 15:00) UTC about this
topic.
I've written a small blog post about the results, which will be
implemented in the near future.
http://benste.blogspot.com/2011/07/discussion-on-acls-using-mailman30-and.html
Key aspects:
Decided to use a Proxy which:
* is responsible for exposing the user roles
* using its own DB
* customizable to query others - e.g. Launchpad
* needs to be authenticated at the Core using REST-API (might get
https)
* similar API to REST, but requiring a username with each request
* each request will be handled on the basis that the username is already
authenticated - e.g. in a web session
* will be able to raise HTTP401 (access denied) if the user is not
allowed to do this action / get this option
* might authenticate users based on a request(user;pswd)
Python bindings for REST will be able to use either proxied
REST or direct access to REST, depending on whether the UI decides
to use it with a User object.
Direct REST API calls will only be possible on localhost.
--
Wishing you a nice day:
Benedict Stein
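
The proxy design listed in the message above, as an added example that is not part of the original message or of Mailman's code: a role-checking layer that requires a username per request, consults its own role store plus an optional external source, answers 401 when the role does not fit, and forwards everything else to the core. The route table, role names, users and the `core` callable are hypothetical, and the proxy's own authentication to the core is left out.

```python
import re

# Hypothetical route table: (method, path pattern, roles allowed on that list).
# Paths and role names are illustrative, not Mailman's actual REST resources.
RULES = [
    ("GET", re.compile(r"/lists/(?P<lst>[^/]+)"), {"member", "moderator", "owner"}),
    ("GET", re.compile(r"/lists/(?P<lst>[^/]+)/held"), {"moderator", "owner"}),
    ("PATCH", re.compile(r"/lists/(?P<lst>[^/]+)/config"), {"owner"}),
]

class AclProxy:
    """Sits between the UI and the core; every request must carry a username."""

    def __init__(self, core, role_db, external_lookup=None):
        self.core = core                        # callable(method, path) -> (status, body)
        self.role_db = role_db                  # the proxy's own DB: {(user, list): roles}
        self.external_lookup = external_lookup  # optional callable(user, list) -> roles

    def roles_for(self, user, lst):
        roles = set(self.role_db.get((user, lst), ()))
        if self.external_lookup is not None:    # e.g. a query to another system
            roles |= set(self.external_lookup(user, lst))
        return roles

    def handle(self, username, method, path):
        if not username:
            return 401, "username required"
        for rule_method, pattern, allowed in RULES:
            match = pattern.fullmatch(path)     # fullmatch: no prefix or trailing-newline bypass
            if rule_method == method and match:
                if self.roles_for(username, match.group("lst")) & allowed:
                    return self.core(method, path)   # permitted: forward to the core
                break
        return 401, "access denied"             # default deny, also for unlisted routes

def demo():
    calls = []                                  # records what actually reaches the core
    def core(method, path):                     # stand-in for the core's REST API
        calls.append((method, path))
        return 200, "ok"
    db = {("anne", "dev"): {"owner"}, ("bob", "dev"): {"member"}}   # constructed data
    ext = lambda user, lst: {"moderator"} if user == "cris" else set()
    proxy = AclProxy(core, db, external_lookup=ext)
    requests = [("anne", "PATCH", "/lists/dev/config"), ("bob", "PATCH", "/lists/dev/config"),
                ("cris", "GET", "/lists/dev/held"), ("", "GET", "/lists/dev"),
                ("anne", "POST", "/lists/dev/unknown")]
    return [proxy.handle(*r) for r in requests], calls
```

Only the two permitted requests reach the core stand-in; the denied, anonymous and unlisted-route requests are answered by the proxy itself.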