[OpenStack-Infra] openstackid.org (revisted)

Sebastian Marcet sebastian at tipit.net
Mon Jun 22 21:58:26 UTC 2015 

btw, openstackid.org does not implements Resource Owner Password
Credentials( http://tools.ietf.org/html/rfc6749#section-4.3 )
bc,

" The resource owner password credentials grant type (see [RFC6749],
<https://tools.ietf.org/html/rfc6749#section-4.3>

   Section 4.3 <https://tools.ietf.org/html/rfc6749#section-4.3>),
often used for legacy/migration reasons, allows a
   client to request an access token using an end-user's user id and
   password along with its own credential.  This grant type has higher

   risk because it maintains the UID/password anti-pattern."

check https://tools.ietf.org/html/rfc6819#section-4.4.3

regards

On Mon, Jun 22, 2015 at 6:49 PM, Steve Martinelli <stevemar at ca.ibm.com>
wrote:

> Hey Kambiz,
>
> I recently blogged about configuring Keystone to use an OpenID/OAuth2
> identity provider here:
> h
> ttps://developer.ibm.com/opentech/2015/06/17/use-websphere-liberty-as-an-openid-connect-provider-for-openstack/
> <https://developer.ibm.com/opentech/2015/06/17/use-websphere-liberty-as-an-openid-connect-provider-for-openstack/>
>
> It also mentions how to use this from a command line perspective too. Skip
> over the first section since that talks about configuring the identity
> provider.
>
> Thanks,
>
> Steve Martinelli
> OpenStack Keystone Core
>
> Kambiz Aghaiepour <kambiz at redhat.com> wrote on 06/22/2015 05:21:05 PM:
>
> > From: Kambiz Aghaiepour <kambiz at redhat.com>
> > To: openstack-infra at lists.openstack.org
> > Date: 06/22/2015 05:23 PM
> > Subject: [OpenStack-Infra] openstackid.org (revisted)
> >
> > A while back, my collegue Dan Radez posted a question looking for
> > information on how to use openstackid.org as the authz/authn backend
> > (via oauth2 and/or openid, or a combination thereof).  The original
> > thread is here:
> >
> >    http://lists.openstack.org/pipermail/openstack-infra/2015-
> > January/002293.html
> >
> > I have taken over on the setup and configuration of and RDO/Kilo
> > environment that once configured will become the new trystack.org.  Is
> > there documentation available on how to configure openstack to use
> > openstackid for both CLI and web/horizon access?  Any pointers would be
> > greatly apprecated.
> >
> > Kambiz
> >
> >
> > --
> > Red Hat, Inc.
> > 100 East Davie Street
> > Raleigh, NC 27601
> >
> > "All tyranny needs to gain a foothold is for people of good conscience
> > to remain silent."  --Thomas Jefferson
> >
> > _______________________________________________
> > OpenStack-Infra mailing list
> > OpenStack-Infra at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra
> >
>
> _______________________________________________
> OpenStack-Infra mailing list
> OpenStack-Infra at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-infra/attachments/20150622/ffa7f8a5/attachment-0001.html>

More information about the OpenStack-Infra mailing list