Difference between revisions of "OpenStack:Horizon User Registration Blueprint"
m |
m |
||
Line 2: | Line 2: | ||
Allow users to register. Right now only admin can create a new user. | Allow users to register. Right now only admin can create a new user. | ||
− | Workflow | + | '''Workflow''' |
− | + | ||
* Add a new signup form in horizon | * Add a new signup form in horizon | ||
* Onsubmit event of signup form, send user details to an external service (called it "security service") | * Onsubmit event of signup form, send user details to an external service (called it "security service") | ||
Line 17: | Line 17: | ||
* Once the user clicks on activation link, flow is again same. First comes to horizon, then to 'security service' and makes keystone api call for user activation. | * Once the user clicks on activation link, flow is again same. First comes to horizon, then to 'security service' and makes keystone api call for user activation. | ||
− | Workflow Diagram | + | '''Workflow Diagram''' |
− | + | ||
[[File:Diagram_user_registartion.pdf]] | [[File:Diagram_user_registartion.pdf]] | ||
− | Mailing List | + | '''Mailing List''' |
− | + | ||
[http://lists.openstack.org/pipermail/openstack-dev/2013-November/018523.html Mailig List Discussion] | [http://lists.openstack.org/pipermail/openstack-dev/2013-November/018523.html Mailig List Discussion] |
Revision as of 06:49, 6 December 2013
Allow users to register. Right now only admin can create a new user.
Workflow
- Add a new signup form in horizon
- Onsubmit event of signup form, send user details to an external service (called it "security service")
- "security service" is nothing it is a webservice (We can use paste.httpserver or flask)
- Why we need an additional service?
* We need admin access to keystone to create a new user. * We can't login to keystone as admin from horizon, that is a security risk, right ?. * So I am planning to login to keystone as admin from "security service" * "security service" will makes an API call to keystone to create a new user * We can also save additional user details in the field 'text' of keystaon's 'user' table as json object. Or use our on Local DB.
- Security service creates user in disable mode and return the response back to horizon
- horizon will send account activation url to user's email id.
- Once the user clicks on activation link, flow is again same. First comes to horizon, then to 'security service' and makes keystone api call for user activation.
Workflow Diagram
File:Diagram user registartion.pdf
Mailing List