4.65. Admin Web interface requires reauthentication (e.g., re-entering the password) at every step and doesn't save changes.
This is a companion to FAQ 4.45 The admin web interface is not saving my changes and may or may not ask me to re-enter my password -- what is wrong?, but that addresses the situation where changes are not saved but reauthorization is not required at every step.
The most common cause of the problem addressed here is not saving cookies in your browser, but that is fairly obvious in light of the notice "Important: From this point on, you must have cookies enabled in your browser, otherwise no administrative changes will take effect." on the authentication page.
A couple of other situations have been observed which can cause this symptom. In at least one case, a personal firewall/security product was interfering with the setting and/or returning of cookies. See the thread at http://mail.python.org/pipermail/mailman-users/2005-November/047681.html.
In another, particularly thorny, case i18n settings on the host were causing the environment variable name HTTP_COOKIE passed by Apache to Mailman to be misspelled with the 'I' transliterated to a Turkish equivalent 'I with dot above' (\u0130). Here is a more detailed description.
The problem was caused by the LANG entry in the /etc/sysconfig/i18n file. When I reboot the system with
in i18n, the apache variables like HTTP_COOKIE is seen as HTTP_COOK\u0130E by mailman. (Note: capital "I" is "\u0130" and lowercase i is "\u0131" in Turkish.) Exporting LANG to some other charset (like en_US.UTF-8) does not correct the problem alone but when I reboot the system with LANG=en_US.UTF-8 in i18n, the problem does not occur. And exporting LANG back to tr_TR.iso88599 does not affect those variables, like HTTP_COOKIE, badly. I use this LANG setting to make "vi" to support Turkish characters.
So to summarize, the 'constant reauthentication' problem is caused by Mailman not seeing the previously set authentication cookie, but there can be several causes of this, some of which are quite obscure.
See also FAQ 4.69 Why aren't my mm_cfg.py settings for DEFAULT_URL_PATTERN, DEFAULT_URL_HOST and DEFAULT_EMAIL_HOST effective? and FAQ 4.71 Accessing the web admin interface or private archives via a framed page requires constant reauthorization (e.g., asking me to re-enter my password)..
Converted from the Mailman FAQ Wizard
This is one of many Frequently Asked Questions.