← Back to team overview

openstack team mailing list archive

Re: Federated Identity Management (bursting and zones)


On Wed, Mar 30, 2011 at 11:57 AM, Sandy Walsh <sandy.walsh@xxxxxxxxxxxxx> wrote:
> http://wiki.openstack.org/ZonesOauth

"At this point the user will be asked to confirm the request (assuming
this is the first interaction the user has had with this Zone). So,
here's an authenticated user getting this seemingly random prompt
"ServiceProvider.DataCenter.Tower2 would like access to your
Permissions. Will you grant this?" Huh? That would make no sense. Even
less given the fact that the user had to authenticate to get to Zone A
in the first place (her credentials have already been given to the
client tool). "

I think that if the system used capabilities/ZBAC then there would be
no such weird prompting.


Follow ups