$ sudo /etc/init.d/postgresql-8.3 stop</ode> <code>$ sudo vi /etc/postgresql/8.3/main/pg_hba.conf
Find this line:
#"local" is for Unix domain socket connections only
local all all ident sameuser
Comment it out and add the following line:
local all all md5
$ sudo /etc/init.d/postgresql-8.3 start
$ sudo su postgres $ createuser mailman -> Shall the new role be a superuser? (y/n) n -> Shall the new role be allowed to create databases? (y/n) y -> Shall the new role be allowed to create more new roles? (y/n) n
$ psql (this drops you into the sql interface for modifying the postgres db) postgres=# alter user mailman password 'mailman'; ALTER ROLE ctrl-D (to exit psql) ctrl-D (to go back to original user shell)
Change to superuser:
su
Change to superuser postgres:
su postgres
Create database 'mailman_members'
psql create database mailman_members owner mailman; \c mailman_members
Create the table for storing mailman membership data
cd /usr/local/mailman sudo bin/create_memtable
ssh into your abiwt account. Type the following commands
psql -d mailman_members -U mailman password: <enter the password> \d (to list the tables in the database) select * from mailman_test;
We will be using three mailing lists : membership_test1 , membership_test2, membership_test3
Three users member1 , member2, member3 we will be using for testing the Common Authentication on dev.systers.org. The table below shows the user to the list mentioned above or whether in digest mode or not. (D) shows in digest mode.
| member1 | member2 | member3 |
|---|---|---|
| membership_test1 | membership_test1 | membership_test |
| membership_test2(D) | membership_test2(D) | |
| membership_test3 |
You can navigate openidreg page through the following Use Cases.
| Line Ref | What to Test | Expected Behavior | Tester Email | Time (UTC) | P or F | Comments |
|---|---|---|---|---|---|---|
| OIDREGNV1 | Click on 'Click Here' to set OpenID for an account | - No error | member1@dev.systers.org | Aug-16, 2010 12:30 UTC | P | |
| OIDREGNV2 | Click on a Mailing List and go to its listinfo page and click on 'Enable Common Authentication' | - No error | member1@dev.systers.org | Aug-16, 2010 12:30 UTC | P |
| Line Ref | What to Test | Expected Behavior | Tester Email | Time (UTC) | P or F | Comments | |
|---|---|---|---|---|---|---|---|
| OIDREG1 | Subscriber chooses from the dropdown menu her list and gives correct Username(Address),Password for the same to which she has subscribed | User should get a message at the bottom on the same page giving message “You have Completed the Registeration and now you can use your OpenID” | member1@dev.systers.org | Aug-16,2010 21:32 UTC | P | ||
| OIDREG2 | Subscriber gives wrong Username , Password or chooses wrong list | User should get a message at the bottom on the same page giving message “Please check that you are using correct Username and Password for the List you choose.” | member2@dev.systers.org | Aug-16,2010 21:34 UTC | P | ||
| OIDREG3 | Subscriber who has already enabled openid or common authentication ,and tries to enable for other list | User should get a message at the bottom on the same page giving message “This email address is already in use , please select a different address ” | member1@dev.systers.org | Aug-16,2010 21:35 UTC | P | ||
| OIDREG4 | Subscriber leaves the Username or Password field blank | User should get a message at the bottom on the same page giving message “Fields are blank, please enter correct Username , Password and choose your list ” | member2@dev.systers.org | Aug-16,2010 21:36 UTC | P | ||
User is directed to this page which is a client side script for the OpenID Consumer , i.e. when the user who has enabled her common authentication , and login using common authentication, so she will be directed to the OpenIDConsumer Page ,which works on http://dev.systers.org:8001. The Identifier will be http://dev.systers.org:8000/id/<username>/. This identifier will be used to verify for the DokuWiki . The Doku wiki that we will be using is on http://dev.systers.org/dokuwik/doku.php .
This page can be navigated through listinfo page for a particular mailing list.
| Line Ref | What to Test | Expected Behavior | Tester Email | Time (UTC) | P or F | Comments |
|---|---|---|---|---|---|---|
| OIDC1 | Identifier provided in the OpenIDConsumer is other that the Identifier for Systers OpenIDProvider | User is redirected to the OpenIDPRovider page but shown a message 'You can be verified only for http://dev.systers.org:8000/' | member1@dev.systers.org | Aug-18, 2010 19:45 UTC | P | |
| OIDC2 | Identifier to be provided in the OpenIDConsumer | User is redirected to the OpenIDPRovider page and verified if the user is logged in or not, if logged in she is asked to authorize the identifier, otherwise asked to give her username/password from the client and redirected to the Consumer Page | member1@dev.systers.org | Aug-16, 2010 21:00 UTC | P | |
| OIDC1 | The user does not provide a correct URL | The Page will show an error message showing “Error in discovery: HTTP Response status from identity URL host is not 200. Got status 404” | member1@dev.systers.org | Aug-16, 2010 21:00 UTC | P |
| Line Ref | What to Test | Expected Behavior | Tester Email | Time (UTC) | P or F | Comments |
|---|---|---|---|---|---|---|
| DKW1 | Identifier to be provided in the OpenID login | User is redirected to the OpenIDPRovider page and verified if the user is logged in or not, if logged in she is asked to authorize the identifier from the client and redirected to the wiki who is logged in | member1@dev.systers.org | Aug-16, 2010 22:49 UTC | P | |
| DKW2 | The user does not provide a correct URL | The Doku wiki Page will show an error message showing “Please enter a valid OpenID identifier” | member1@dev.systers.org | Aug-16, 2010 22:49 UTC | P |
The OpenID Provider for systers which uses the “mailman_membership” database and checks for authenticating the user. The OpenIDProvider is on http://dev.systers.org:8000/. It still need to be used through Web CGI which will be preferred as one can not run it by everytime logging in.
| Line Ref | What to Test | Expected Behavior | Tester Email | Time (UTC) | P or F | Comments |
|---|---|---|---|---|---|---|
| OIDP1 | User logs in with her Username and Password for which she has set OpenID enabled | User should be logged in to the OpenID Provider | member1@dev.systers.org | Aug-16, 2010 12:30 UTC | P | |
| OIDP2 | User enters incorrect Username, Password | User is not logged in and directed to home page showing “not logged in” | member1@dev.systers.org | Aug-16, 2009 12:30 UTC | P | |
| OIDP3 | User forgets her password for which the OpenID is set | User can click on “Forgot Your Password” and provide her username for which she was trying to login. If the correct username provided a link will be generated, she will be told about the list for which she was using her OpenID and to get the password reminder she should click on the link. The link will take to the “client” page where she can get a password reminder to her email. In case the Username provided is wrong , an message will be displayed “No Such User” and ask her to Register for OpenID which will take her to “http://dev.systers.org/mailman/openidreg” | member1@dev.systers.org | Aug-16, 2010 12:32 UTC | P | |
| OIDP4 | User wants to use OpenID Authentication | Clicks on “SignUp for Systers OpenID” and directed to openidreg “http://dev.systers.org/mailman/openidreg” | member1@dev.systers.org | Aug-16, 2010 12:34 UTC | P | |
| OIDP5 | A request comes from a consumer such as DokuWiki, CMS or OpenIDProvider | The Systers OpenID provider should process according to the state i.e. whether user logged in or not. OIDP6, OIDP7 and OIDP8 can be the cases for the verification. | member1@dev.systers.org | Aug-16, 2010 12:35 UTC | P | |
| OIDP6 | Same User is logged in | In case the verification comes for the same user who is logged in, then ask the user to verify the page for by clicking on “yes” or “no”. If “yes” user is redirected back to the consumer, otherwise verification is cancelled | member1@dev.systers.org | Aug-16, 2010 20:35 UTC | P | |
| OIDP7 | Different user logged in. | In case a different user is logged in i.e. member1@dev.systers.org and member2@dev.systers.org wants to verify then member2 will be asked for the username and password for her identifier to be verified. If successful then member1 is logged out and member2 is logged in automatically | member2@dev.systers.org | Aug-16, 2010 12:37 UTC | P | |
| OIDP8 | None of the user is logged in | Repeats the same procedure as in OIDP1 | member1@dev.systers.org | Aug-16, 2010 12:40 UTC | P | |
| OIDP9 | Username and Password field left blank | Error message showing “The Username or Password field is blank” | member1@dev.systers.org | Aug-16, 2010 12:41 UTC | P |
After the OpenID Consumer get verified for the Identifier from the Provider, a link on the Consumer shows a page which redirects her to the oiduserpage , which shows the list that user has subscribed and using the same list for the Common Authentication to all his lists.
| Line Ref | What to Test | Expected Behavior | Tester Email | Time (UTC) | P or F | Comments |
|---|---|---|---|---|---|---|
| OIDUP1 | User clicks on the link corresponding to the list to which he is subscribed. | Link follows the 'Client' Option page for that list. | member1@dev.systers.org | Aug-16, 2010 21:10 UTC | P | |
| OIDUP2 | A different user tries to access through the CGI Url | The page will show for that user only who has been verified from the Provider for the session. | member2@dev.systers.org | Aug-16, 2010 21:10 UTC | P |
User comes to this list when redirected from the oiduserpage . Client login page is similar to the Options page, but here user cannot Unsubscribe . And the password remider that will be sent to the user is the respective password for each list that she is being subscribed to.However it still ask for the password once that has been set for OpenID authentication of the user. After the password is being provided , user can access all her lists and change options from them without giving password repeatedly.
| Line Ref | What to Test | Expected Behavior | Tester Email | Time (UTC) | P or F | Comments |
|---|---|---|---|---|---|---|
| CLP1 | Login | User should be able to login with her username and password for which she has subscribed | member1@dev.systers.org | Aug-16, 2010 21:34 UTC | F | User is able to login but the issue is that as the getOIDpasswords in DlistMemberships is fetching the encrypted form passwords so the value for secret is set to be the encrypted string in the database , not with the simple string, a method has to be used to fetch the value from the password box and check with the database that it shows '0' or '1' for that string. |
| CLP2 | Password Reminder | Email with password to member for the list on the client page. | member1@dev.systers.org | Aug-16, 2010 21:34 UTC | P | |
| CLP3 | Incorrect Password | An error message will display “Authentication failed or Not a Subscribed User.” | member1@dev.systers.org | Aug -16, 2010 21:34 UTC | P |
| Line Ref | What to Test | Expected Behavior | Tester Email | Time (UTC) | P or F | Comments |
|---|---|---|---|---|---|---|
| CLMP1 | Change primary email address with “Other incoming email addresses” | - Confirmation that it is successfully changed - “delete” bit remains “f”alse (use psql to confirm) - Member is still listed in Membership List - “Other incoming email addresses” are retained and OpenID bit is set to false ,thus creating an end of session and disabling the feature. | member1@dev.systers.org | Aug-16, 2010 21:35 UTC | P | |
| CLMP2 | Globally change primary email address and name with “Other incoming email addresses”: (Before doing this, make sure test member is subscribed with same email address on other test lists) | - Confirmation that all test lists in question have successfully changed - “delete” bit remains “f”alse (use psql to confirm) - Member is still listed in Membership list - “Other incoming email addresses” are retained | member1@dev.systers.org | Aug-16, 2010 21:36 UTC | F | Currently it is changing the password for that particular list for which OpenID is enabled and after chaging address , the openid bit is set to 0 , so disabling OpenID |
| CLMP3 | Unsubscribe | - Email notification to member and unsubscribed from that particular list | member1@dev.systers.org | Aug-16, 2010 21:37 UTC | P | |
| CLMP4 | List other subscriptions | - Displays all lists that member have subscribed to and login to any of the list without any password | memeber1@dev.systers.org | Aug-16, 2010 21:38 UTC | P | |
| CLMP5 | Email password | - Email with password to member of that list only | member1@dev.systers.org | Aug-16, 2010 21:20 UTC | P | |
| CLMP6 | Change password | - Confirmation that password has successfully changed. and password being changed for that list only ,not to the change in common authentication password. The common authentication password will be chaned by this method if user is the list for which common authentication is being set.Changes should be reflected to the db | member1@dev.systers.org | Aug-16, 2010 21:39 UTC | P | |
| CLMP7 | Change password globally | - Confirmation that password has successfully changed. - Changes should be reflected to the db | member1@dev.systers.org | Aug-16, 2010 21:40 UTC | P | |
| CLMP8 | Change values for all options | - Confirmation that changes are successful. - Changes should be reflected to the db | member1@dev.systers.org | Aug-16, 2010 21:41 UTC | F | When a user tries to turn off/on digest mode it could not resolve the password field as it is encrypted, rest other options are working efficiently. Here is a bug report related to that Bug 619061 |
| CLMP9 | Change user name | - Confirmation that changes are successful. - Changes should be reflected to the db | member1@dev.systers.org | Aug-16, 2010 21:42 UTC | P | |
| CLMP10 | Change Common Authentication Password | - Common Authentication Password Changed from the list selected but only for the Database , as the normal logins will have the same password. | member1@dev.systers.org | Aug-16, 2010 21:43 UTC | F | The code needs to be modified , as when you change the password it only changes for the last list in the option, not the one which is selected |
| CLMP11 | Disable Common Authentication | - Common Authentication Disabled and OpenID for the user, shows a message for the disabling of common authentication - Changes should be reflected to the db | member1@dev.systers.org | Aug-16, 2010 21:44 UTC | P |
There is a small UI bug for the membership branch which shows when the admin tries to add a new Mailing List , although the changes are reflected in the mailman_members database as well as in the Mailing Lists's database , the new list is also shown on the listinfo page, it is basically a UI bug where we expect it to show the message for the list creation. Here is a bug report related to that Bug 619509