[Systers-dev] Fwd: [OpenID] OpenID enabled Mailman
Malveeka Tewari
malveeka at gmail.com
Sat Jun 13 07:09:47 PDT 2009
---------- Forwarded message ----------
From: SitG Admin <sysadmin at shadowsinthegarden.com>
Date: Tue, Jun 9, 2009 at 4:47 AM
Subject: Re: [OpenID] OpenID enabled Mailman
To: Malveeka Tewari <malveeka at gmail.com>
Cc: general at openid.net
The reason we want to implement OpenID Provider for Mailman is so that we
> can use the single sign on for our other internal accounts like our internal
> wiki etc.
> We want our users to login in just their mailman account and have single
> sign on for their other accounts.
>
If you're getting deep enough into the Mailman code and wiki code to patch
their existing login systems with OpenID, you should be able to rig
something much simpler with, say, just a cookie. This might lead to security
problems if you're hosting each service on a different subdomain (with
cookies delivered to *.domain.com) AND users get their own webspace on
subdomains (since then users could read session cookies from other users),
but if all the subdomains are official you should be fine :)
-Shade
More information about the Systers-dev
mailing list