In this ticket https://storyboard.openstack.org/#!/story/2000239 is
mentioned only about OpenID. If I will be use OAuth2.0, how I can
distinguish between users?
I guess that User API
Here you can find slides with general user stories:
- create user account
- access to resource required user auth in Web UI
- access to resource required user auth in CLI client
On 03/04/15 17:52, Monty Taylor wrote:
Could do better: ACLs for Vulnerability management
--
snip
I'd love to learn how wikimedia is working with this.
http://www.mediawiki.org/wiki/Phabricator/Security
tl;dr They have added a security
Vladislav , oauth2 is not meant for authentication, is meant for
authorization, if you use oauth2 for authentication, then you are
introducing some security issues on your app
http://www.thread-safe.com/2012/01/problem-with-oauth-for-authentication.html
if you want to authenticate your users in
On 03/04/15 18:06, Jeremy Stanley wrote:
On 2015-04-03 11:54:00 -0400 (-0400), Sean Dague wrote:
[...]
2) is there an event stream of changes (either real time or rss) that
can be consumed by said tools? Having the change stream would be really
helpful.
Which relates to a feature request we
On 03/04/15 17:57, Monty Taylor wrote:
On 04/03/2015 11:44 AM, Michael Krotscheck wrote:
This proposal is all well and good, however (no offense intended) Monty's
got a history of putting out neat proposals and leaving someone else to
support it. Without identifying a dedicated person/resource
Vlad,
The relevant information is documented here:
http://docs-draft.openstack.org/99/165199/7/check/gate-openstackid-docs/8797c5d//doc/build/html/openid.html#openid-2-0-request-authentication-response
You must first make the OpenID request in order to get the correct
identifier. As
On 2015-04-16 15:57:10 +0300 (+0300), Vladislav Kuzmin wrote:
[...]
I've used this documentation
http://docs-draft.openstack.org/99/165199/7/check/gate-openstackid-docs/8797c5d//doc/build/html/oauth2.html
[...]
By the way, the documentation for it is now continuously published
to
