On 06/08/2013 18:11, Jay Pipes wrote:
What SMTP, DNS and LDAP extensions are in use by systems that need to interoperate in the same way that Keystone does? <-- This is a genuine question, not sarcasm. I'm truly curious.
Take SMTP for example. My Thunderbird client needs to know what authentication extensions are implemented by the POP3 server and SMTP server that it is talking to, in order to send and receive email in a secure manner.
In the same way, once Keystone supports say federated login as an extension, a client will need to know if this extension is supported or not. If not, it wont be able to offer it to the end user. (It is not a sensible design for a client to send an extension protocol message to a server and get a 400 Bad Request response. This tells the client nothing. 501 Not Implemented might be a more informative response, but in this case the server has to know that an extension was requested and we have to document that this is the standard response to an unimplemented extension).
regards David
Best, -jay
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
