openstack team mailing list archive

Thread
Date

Re: State of OpenStack Auth

To: Jay Pipes <jaypipes@xxxxxxxxx>
From: Michael Mayo <mike@xxxxxxxxxxxxx>
Date: Fri, 4 Mar 2011 09:34:04 -0800
Cc: "<openstack@xxxxxxxxxxxxxxxxxxx>" <openstack@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <AANLkTik_qcxS8v-_azKhDZbh-OQTeVwGrHzbnWcgyq5S@mail.gmail.com>

> Good points above.
> 
> Also good point :)
> 
> Yup.
> 
> Yes, you have a vote, and yes, it counts.

Thank you very much :)

> Would the best option be if the OpenStack API supported both auth
> mechanisms (signature, basic HTTP) and allowed the deployers to pick
> which ones were best for which clients? For instance, if OpenStack
> supported both auth mechanisms simultaneously, mobile apps could
> choose signatures whereas other clients, say a simple web dashboard,
> could choose HTTP basic auth an re-auth every N hours?

I think this is a great idea as long as you can count on all the auth mechanisms being available.  Mobile devs get to reduce the number of HTTP requests they make, and other developers can avoid dealing with request signing.  Everyone wins.  I love it.

References

State of OpenStack Auth
From: Eric Day, 2011-03-01
Re: State of OpenStack Auth
From: Soren Hansen, 2011-03-01
Re: State of OpenStack Auth
From: Eric Day, 2011-03-01
Re: State of OpenStack Auth
From: Soren Hansen, 2011-03-01
Re: State of OpenStack Auth
From: Eric Day, 2011-03-01
Re: State of OpenStack Auth
From: Jorge Williams, 2011-03-02
Re: State of OpenStack Auth
From: Jesse Andrews, 2011-03-03
Re: State of OpenStack Auth
From: Greg, 2011-03-03
Re: State of OpenStack Auth
From: Jorge Williams, 2011-03-03
Re: State of OpenStack Auth
From: Michael Mayo, 2011-03-03
Re: State of OpenStack Auth
From: Jay Pipes, 2011-03-04