Difference between revisions of "Nova/AuthManagerSpec"
| Line 23: | Line 23: | ||
=== Phase 1 === | === Phase 1 === | ||
| − | {{auth_phase1.png}} | + | {{http://wiki.openstack.org/Nova/AuthManagerSpec?action=[[AttachFile]]&do=get&target=auth_phase1.png}} |
=== Code Changes === | === Code Changes === | ||
Revision as of 19:10, 13 May 2011
- Launchpad Entry: NovaSpec:finalize-nova-auth
- Created: May 12, 2011
- Contributors: Brian Waldon, Brian Lamar
Summary
OpenStack needs an authentication/authorization system which will allow for centralization of authentication/authorization credentials. Currently we are investigating Keystone for such a system.
""Author(s):"" John Eo, Khaled Hussein, Ziad Swahala, and more... ""Version Control:"" https://github.com/khussein/keystone
User stories
As a deployer of Nova, I want to use Keystone as my authn/authz backend.
As a deployer of Nova, I want to use the existing authn/authz backend.
As a deployer of Nova, I want it to be painless to transition an existing deployment from the existing database into Keystone.
Implementation
Phase 1
{{http://wiki.openstack.org/Nova/AuthManagerSpec?action=AttachFile&do=get&target=auth_phase1.png}}
Code Changes
We will ensure Keystone is using compatible/standard methods for it's WSGI/API interface. Currently it is utilizing `bottle` for many WSGI tasks. Updating Keystone to use `webob`, `routes`, and other OpenStack standard WSGI libraries will greatly increase the chances of success for the project.
