Difference between revisions of "OpenStack:Horizon User Registration Blueprint"

Revision as of 06:49, 6 December 2013

Allow users to register. Right now only admin can create a new user.

Workflow

Add a new signup form in horizon
Onsubmit event of signup form, send user details to an external service (called it "security service")
"security service" is nothing it is a webservice (We can use paste.httpserver or flask)
Why we need an additional service?

  * We need admin access to keystone to create a new user.
  * We can't login to keystone as admin from horizon, that is a security risk, right ?.
  * So I am planning to login to keystone as admin from "security service"
  * "security service" will makes an API call to keystone to create a new user
  * We can also save additional user details in the field 'text' of keystaon's 'user' table as json object. Or use our on Local DB.

Security service creates user in disable mode and return the response back to horizon
horizon will send account activation url to user's email id.
Once the user clicks on activation link, flow is again same. First comes to horizon, then to 'security service' and makes keystone api call for user activation.

Workflow Diagram

File:Diagram user registartion.pdf

Mailing List

Mailig List Discussion

@@ Line 2: / Line 2: @@
 Allow users to register. Right now only admin can create a new user.
-Workflow
+'''Workflow'''
-========
 * Add a new signup form in horizon
 * Onsubmit event of signup form, send user details to an external service (called it "security service")
@@ Line 17: / Line 17: @@
 * Once the user clicks on activation link, flow is again same. First comes to horizon, then to 'security service' and makes keystone api call for user activation.
-Workflow Diagram
+'''Workflow Diagram'''
-===============
 [[File:Diagram_user_registartion.pdf]]
-Mailing List
+'''Mailing List'''
-==========
 [http://lists.openstack.org/pipermail/openstack-dev/2013-November/018523.html Mailig List Discussion]