<div dir="ltr"><span id="docs-internal-guid-70555dd6-a405-f30f-3042-a3339c08c727"><font face="arial, helvetica, sans-serif"><p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt"><span style="color:rgb(0,0,0);vertical-align:baseline;white-space:pre-wrap;background-color:transparent">16.07.2014 meeting results:</span></p>
<div><span><font face="arial, helvetica, sans-serif"><br></font></span></div><div><span><font face="arial, helvetica, sans-serif">Participants:</font></span></div><div><span style="font-family:arial,sans-serif;font-size:13px;white-space:nowrap">L. Oles</span><br>
</div><div><span><font face="arial, helvetica, sans-serif">N. Markov</font></span></div><div><span style="font-family:arial,sans-serif;font-size:13px">V. Kramskikh</span><br></div><div><span style="font-family:arial,sans-serif;font-size:13px">A. Kislitsky</span><br>
</div><br><p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt"><span style="color:rgb(0,0,0);vertical-align:baseline;white-space:pre-wrap;background-color:transparent">Acceptance points of authentication in FUEL:</span></p>
<ol style="margin-top:0pt;margin-bottom:0pt"><li dir="ltr" style="list-style-type:decimal;color:rgb(0,0,0);vertical-align:baseline;background-color:transparent"><p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt">
<span style="vertical-align:baseline;white-space:pre-wrap;background-color:transparent">Each project (nailgun, CLI, UI, OSTF) should authenticate in Keystone and use received token in other services </span><span style="white-space:pre-wrap;background-color:transparent">requests</span></p>
</li><li dir="ltr" style="list-style-type:decimal;color:rgb(0,0,0);vertical-align:baseline;background-color:transparent"><p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt"><span style="vertical-align:baseline;white-space:pre-wrap;background-color:transparent">Authentication can be enabled or disabled by parameters in settings for each project</span></p>
</li><li dir="ltr" style="list-style-type:decimal;color:rgb(0,0,0);vertical-align:baseline;background-color:transparent"><p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt"><span style="vertical-align:baseline;white-space:pre-wrap;background-color:transparent">We should have tests coverage with and without authentication</span></p>
</li><li dir="ltr" style="list-style-type:decimal;color:rgb(0,0,0);vertical-align:baseline;background-color:transparent"><p dir="ltr" style="line-height:1.15;margin-top:0pt;margin-bottom:0pt"><span style="vertical-align:baseline;white-space:pre-wrap;background-color:transparent">We should implement default strategy(policy) for API requests - authentication required, but for some requests should be excluded from authentication checking (for example adding node, checking is authentication enabled in nailgun API)</span></p>
</li><li dir="ltr" style="list-style-type:decimal;color:rgb(0,0,0);vertical-align:baseline;background-color:transparent"><span style="vertical-align:baseline;white-space:pre-wrap;background-color:transparent">Nailgun API should handle Keystone tokens</span></li>
<li dir="ltr" style="list-style-type:decimal;color:rgb(0,0,0);vertical-align:baseline;background-color:transparent"><span style="vertical-align:baseline;white-space:pre-wrap;background-color:transparent">We should have human oriented error messages for Keystone and authentication errors</span></li>
</ol></font></span></div>