Hi James – this is interesting work. Desire to incorporate it into
Keystone will increase when and if it gains traction. Either way, if
this is something someone (you?) wants to implement as a keystone
plug-in, that's why we made it pluggable.
Reconfirming also that we're specifically not trying to solve identity
(or web identity) with Keystone. We're focused on providing a
framework for integrating any existing standard (or custom) identity
solution into OpenStack.
Thanks for the link.
Z
From: James Weir <james.weir@xxxxxxxxxxxxxx
<mailto:james.weir@xxxxxxxxxxxxxx>>
Date: Thu, 26 May 2011 09:52:54 +0200
To: Ziad Sawalha <ziad.sawalha@xxxxxxxxxxxxx
<mailto:ziad.sawalha@xxxxxxxxxxxxx>>
Cc: "openstack@xxxxxxxxxxxxxxxxxxx
<mailto:openstack@xxxxxxxxxxxxxxxxxxx>" <openstack@xxxxxxxxxxxxxxxxxxx
<mailto:openstack@xxxxxxxxxxxxxxxxxxx>>
Subject: Re: [Openstack] Keystone Release #1 - seeking community input
Hi,
Unsure if this is interesting also to consider under the keystone project:
http://www.w3.org/wiki/Foaf+ssl
This is more for social web, but might be interesting for user
authentication.
Regards
James
On 5/26/11 9:04 AM, Ziad Sawalha wrote:
Hi Everyone!
It's been a while since the summit in Santa Clara. It was great
meeting with everyone who was there – looking forward to the next one!
Since the summit, we've been working on Keystone and figuring out how
to integrate it into OpenStack (Nova, Swift, Glance, and the
dashboard). There has been much activity on the project. The code,
design, and API has been changing daily. Anyone interested, please
join us.
*_RELEASE 1_*
Milestone 1 for Diablo is right around the corner already! The goal
remains to create a common auth system supporting existing use cases.
There are a couple of proposals we'd like community input on before
we get too far into the implementation:
1. API spec
2. Scope of first release
*API Spec*
We've published an API spec doc which we've been altering as requests
come in for changes. The spec includes proposals for a core API that
covers:
* tokens: for authentication
* tenants: for isolating and grouping resources to support
multi-tenancy
* users: because we have to!
* roles: to support the Nova roles (see
http://nova.openstack.org/runnova/managing.users.html for roles
and users)
* credentials: to address the EC2, Rackspace auth,
multiple-credentials question
The draft spec is on github and includes both the core APIs and
additional extensions needed to make Keystone function as a
stand-alone system. We'd like to lock it down as soon as is
feasible. R1 is too close (June 2nd) so we probably won't be done by
then, but aiming for Friday June 10th gives us a good couple of weeks
to get there and then a couple of weeks to firm up implementation and
tests, so we should be able to hit R2 with a locked down API.
*Scope of R1*
For the first Diablo milestone, we're aiming to support the user
stories listed in http://wiki.openstack.org/KeystoneR1
*_ANNOUNCEMENTS_*
*Repo*
We're moving the source to the Rackspace repo (mainly because we can
add multiple admins). Please start using the new repo. I will keep
both in sync for a while.
https://github.com/rackspace/keystone/
I was able to change my config with those commands:
git remote rm origin
git remote add origin -m master -t master
https://your/-login/@github.com/rackspace/keystone.git
As you open new issues, please use the Rackspace repo.
*Participate*
If you're interested in joining the team and working on Keystone,
we'd love the input and help. Just let me know. And, of course,
anyone is welcome to submit code, blueprints, issues, etc…
Looking forward to hearing from ya'll.
Ziad
Confidentiality Notice: This e-mail message (including any attached or
embedded documents) is intended for the exclusive and confidential use of the
individual or entity to which this message is addressed, and unless otherwise
expressly indicated, is confidential and privileged information of Rackspace.
Any dissemination, distribution or copying of the enclosed material is prohibited.
If you receive this transmission in error, please notify us immediately by e-mail
atabuse@xxxxxxxxxxxxx, and delete the original message.
Your cooperation is appreciated.
_______________________________________________
Mailing list:https://launchpad.net/~openstack
Post to :openstack@xxxxxxxxxxxxxxxxxxx
Unsubscribe :https://launchpad.net/~openstack
More help :https://help.launchpad.net/ListHelp
--
James Weir
Chief Technology Officer
james.weir@xxxxxxxxxxxxxx
Linkedin:http://www.linkedin.com/in/jamesweir
Tel: +33 (0)675 23 80 23
www.usharesoft.com
twitter.com/usharesoft
Confidentiality Notice: This e-mail message (including any attached or
embedded documents) is intended for the exclusive and confidential use of the
individual or entity to which this message is addressed, and unless otherwise
expressly indicated, is confidential and privileged information of Rackspace.
Any dissemination, distribution or copying of the enclosed material is prohibited.
If you receive this transmission in error, please notify us immediately by e-mail
at abuse@xxxxxxxxxxxxx, and delete the original message.
Your cooperation is appreciated.