[openstack-dev] [keystone]Different projects authentication strategy
1021710773 at qq.com
Tue Dec 1 06:23:35 UTC 2015
Hello. I here would like to ask some questions about policy rules.
Now the policy rules of openstack in keystone and other projects are set in policy.json, in other words, the policy rules are equal
to each projects. And the common ways to enforce are in decorative function like protected(). And in keystone project, it manage the users, projects, roles and other resources. Now, some particular projects(tenants) may have its own enforce rules, not just like the policy.json, and in that ways, could we update the usual decorative function of enforce to realize the authentification of projects? And now, the policy model appears in keystone project. Could we use it to create association between projects and policy?
Hope to hear from you. Thanks!
yangweiwei at cmss.chinamobile.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-dev