Open Stack

David's questions are good ones.  I do like the idea of self-registration, but the admin will almost certainly want some controls over their initial placement in the system (domain, project, roles, etc).  I think part of this blueprint should include the specification / editing of these defaults in a new page on Horizon.

Jeff

-----Original Message-----
From: Lyle, David 
Sent: Sunday, November 10, 2013 11:31 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [horizon] User registrations

I think there is certainly interest.  I do think it will need to be highly configurable to be useful.  The problem, as Dolph points out, is that each deployment has its own workflow.  

Points of configuration:
-Does the local keystone deployment policy support self-registration?  The default is no.  So, at that point access to self-registration should be hidden.

-How many steps are required in the registration process?

-Is payment information required?  Address?  

-How is the registration confirmed, email, text, ?

-CAPTCHA?  

I think the two main reasons such a facility is not present in Horizon are:
1. Until recently determining keystone's access policy was not possible.
2. The actual implementation is highly deployment dependent.

-David 

From: Dolph Mathews [mailto:dolph.mathews at gmail.com]
Sent: Monday, November 11, 2013 8:57 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [horizon] User registrations

So, there's a bunch of use case questions here where I suspect there are no correct answers (so preferences will vary per deployment). The first ones that come to mind-

Are the users accessing this web form trusted or untrusted?

Do they need to be verified, somehow? Are they going to be billed for their resource consumption?

After registration, should they own their own domain in keystone? Or be assigned their own project in an existing domain? Or simply be added to an existing group with limited authorization?

On Sun, Nov 10, 2013 at 6:26 PM, Paul Belanger <paul.belanger at polybeacon.com> wrote:
Greeting,

In a previous thread I talked about building an application atop of horizon and keystone.  So far things are working out pretty well.  One thing I have been trying to figure out is how to move forward with user registration for the horizon application.  A few moons ago, IIRC, horizon actually use django-registration however the move to Keystone removed that functionality.

For me, I'd like to expose some functionality within my web application allow users to register vs having an admin provisioning accounts.

So, I'm curious if there is anything interest in having such a module back in horizon but leveraging keystone this time around. I'm actually curious to hear how people see this working since this is the next thing I need to deal with.

--
Paul Belanger | PolyBeacon, Inc.
Jabber: paul.belanger at polybeacon.com | IRC: pabelanger (Freenode)
Github: https://github.com/pabelanger | Twitter: https://twitter.com/pabelanger

_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev




-- 

-Dolph
_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev