Jump to: navigation, search

Nova/AuthManagerSpec

< Nova
Revision as of 19:09, 13 May 2011 by Brian (talk)
  • Launchpad Entry: NovaSpec:finalize-nova-auth
  • Created: May 12, 2011
  • Contributors: Brian Waldon, Brian Lamar

Summary

OpenStack needs an authentication/authorization system which will allow for centralization of authentication/authorization credentials. Currently we are investigating Keystone for such a system.

""Author(s):"" John Eo, Khaled Hussein, Ziad Swahala, and more... ""Version Control:"" https://github.com/khussein/keystone

User stories

As a deployer of Nova, I want to use Keystone as my authn/authz backend.

As a deployer of Nova, I want to use the existing authn/authz backend.

As a deployer of Nova, I want it to be painless to transition an existing deployment from the existing database into Keystone.

Implementation

Phase 1

Template:Auth phase1.png

Code Changes

We will ensure Keystone is using compatible/standard methods for it's WSGI/API interface. Currently it is utilizing `bottle` for many WSGI tasks. Updating Keystone to use `webob`, `routes`, and other OpenStack standard WSGI libraries will greatly increase the chances of success for the project.

Retrieved from "https://wiki.openstack.org/w/index.php?title=Nova/AuthManagerSpec&oldid=4335"