
<div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Feb 6, 2015 at 12:47 PM, Adam Young <span dir="ltr"><<a href="mailto:ayoung@redhat.com" target="_blank">ayoung@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

  
  <div bgcolor="#FFFFFF" text="#000000"><div><div class="h5">

    <div>On 02/04/2015 03:54 PM, Thai Q Tran

      wrote:<br>

    </div>

    <blockquote type="cite"><font face="Default Sans

        Serif,Verdana,Arial,Helvetica,sans-serif">Hi all,<br>

        <br>

        I have been helping with the websso effort and wanted to get

        some feedback.<br>

        Basically, users are presented with a login screen where they

        can select: credentials, default protocol, or discovery service.<br>

        If user selects credentials, it works exactly the same way it

        works today.<br>

        If user selects default protocol or discovery service, they can

        choose to be redirected to those pages.<br>

        <br>

        Keep in mind that this is a prototype, early feedback will be

        good.<br>

        Here are the relevant patches:<br>

        <a href="https://review.openstack.org/#/c/136177/" target="_blank">https://review.openstack.org/#/c/136177/</a><br>

        <a href="https://review.openstack.org/#/c/136178/" target="_blank">https://review.openstack.org/#/c/136178/</a><br>

        <a href="https://review.openstack.org/#/c/151842/" target="_blank">https://review.openstack.org/#/c/151842/</a><br>

        <br>

        I have attached the files and present them below:<br>

      </font></blockquote>

    <br>

    <br>

    <br></div></div>

    Replace the dropdown with a specific link for each protocol type:<br>

    <br>

    SAML and OpenID  are the only real contenders at the moment, but we

    will not likely have so many that it will clutter up the page.<br></div></blockquote><div><br></div><div>Agree, but the likelihood that a single IdP will support multiple protocols is probably low. Keystone certainly supports that from an API perspective, but I don't think it should be the default UX. Choose a remote IdP first, and then if *that* IdP supports multiple federation protocols, present them.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div bgcolor="#FFFFFF" text="#000000">

    <br>

    Thanks for doing this.<span class=""><br>

    <blockquote type="cite"><font face="Default Sans

        Serif,Verdana,Arial,Helvetica,sans-serif"><br>

        <img src="cid:part1.02000807.03030104@redhat.com" alt=""><img src="cid:part2.08030406.05000801@redhat.com" alt=""><img src="cid:part3.07010500.08010009@redhat.com" alt=""><img src="cid:part4.00010008.05020408@redhat.com" alt=""><br>

        <br>

        <br>

      </font>

      <br>

      <fieldset></fieldset>

      <br>

      <pre>__________________________________________________________________________

OpenStack Development Mailing List (not for usage questions)

Unsubscribe: <a href="mailto:OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a>

<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a>

</pre>

    </blockquote>

    <br>

  </span></div>


<br>__________________________________________________________________________<br>

OpenStack Development Mailing List (not for usage questions)<br>

Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>

<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>

<br></blockquote></div><br></div></div>