Difference between revisions of "Keystone-Essex-BP-AuthZ"

Latest revision as of 07:06, 22 September 2013

Old Design Page

This page was used to help design a feature for a previous release of OpenStack. It may or may not have been implemented. As a result, this page is unlikely to be updated and could contain outdated information. It was last updated on 2013-09-22

Goals:

Support a capability model (Ex: Delete Files) by allowing services identify capabilities by endpoint
Map capabilities to role, allowing a role to span multiple endpoints & services
Allow restrictions on capabilities to certain resources (ex: John Doe may have access to Delete Files but only on myserver.server.com).
Map users and groups to roles

Revision as of 21:22, 16 February 2013 (view source) Corvus (talk \| contribs) m ← Older edit		Latest revision as of 07:06, 22 September 2013 (view source) Fifieldt (talk \| contribs)
Line 1:		Line 1:
		+	{{OldDesignPage}}
		+
	'''Goals:'''		'''Goals:'''