Developers of Sympa

[John-Paul Robinson <address@concealed>]

I'm trying to figure out how to force an unauthenticated user to 
authenticate via generic_sso when they attempt to perform an action that 
requires authorization.  After the user is authenticated, i'd like to also 
have them return to the original request that triggered authn/z.  

As an example, I've set up a command front end for myVocs
(http://myvocs.org).  One of the commands the I want a user to be able to
execute is "join <mailinglist/vo>".  This command directs their browser to
the "subscribe" action for the specificed mailing list.  

This works correctly if the user is already logged into Sympa.  It doesn't 
work as intended when the user is not yet logged in though.  When the user 
is not yet logged in, they are promted for their email address.  I agree 
that this is the expected behavior for a public email list.  

I've tried to change "Who can subcribe to the list" setting to "need 
authentication..." from the default "anyone, no auth", but this doesn't 
seem to change the behavior of prompting for the email address. I'm 
expecting the user to be routed through the identity provider instead.

Do you have any thoughts on how best to approach this problem?

Thanks,

~jpr