Developers of Sympa

[Olivier Salaün <address@concealed>]

Hello,

I think it's time to move this thread to the sympa-dev mailing list that seems more appropriate.

Le 16/03/2010 21:24, address@concealed a écrit :

Hi, I am sorry I didnt send my last message to the list.

Uncommenting db user is good, it is working, but it still not enough,
because if for example a user logins to wikipedia using my AuthCookie and
then moves to Sympa, the auth session is validated but not the Sympa
session.

  

That's right, the Sympa login session does not automatically inherit from your AuthCookie session. wwsympa.fcgi will check the AuthCookie session only when the user hits the login button.

What I need to do, and I think is the best solution, is to modify the code,
when Sympa is checking wether the user has a valid session or not, fetch the
info I am saving from the user (for example in memcached) and log in the
user in sympa system automatically.

It could be good if you can tell me in which files I have to focus, where
sympa is checking if the user has a valid session and if sympa has an
interface to send the emails and pass the log in, like ?
login=email&pass=pass.
  

You could get inspired by the way Sympa web interface is able to do x.509 certificate authentication.
Here is the related code in wwsympa.fcgi :

         if (($ENV{'SSL_CLIENT_S_EMAIL'})) {
         ## this is the X509v3 SubjectAlternativeName, and requires
         ## a patch to mod_ssl -- address@concealed
         $param->{'user'}{'email'} = lc($ENV{'SSL_CLIENT_S_EMAIL'});