yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1343709] Re: Cannot Use existing auth plugins with new methods

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Thu, 04 Sep 2014 14:35:23 -0000
Reply-to: Bug 1343709 <1343709@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: keystone
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1343709

Title:
  Cannot Use existing auth plugins with new methods

Status in OpenStack Identity (Keystone):
  Fix Released

Bug description:
  Auth plugins hard code the "method" that is used to name them in the
  config file.  This prevents reuse, and forces a new Plugin for each
  mod_auth mechanism in Apache HTTPD.  Since there is already a handful
  of "external" plugins, we will have a cross-preoduct of auth plugins;
  one for each mechanism X mapping scheme.

  
  This was discussed at the Hackathon 

  From: https://etherpad.openstack.org/p/keystone-juno-hackathon

  Remove method name from auth plugins (so the method name is owned by
  keystone.conf)

  One place where this shows up is that the "kerberos" method requires a
  new AuthPlugin for existing functionality, such as using the Default
  Domain.  The same is true for SAML, or OpenID connect.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1343709/+subscriptions

References

[Bug 1343709] [NEW] Cannot Use Default Domain with Kerberos
From: Adam Young, 2014-07-18