[Openstack] SAML support in OpenStack

Frans Thamura frans at meruvian.org
Mon Oct 14 15:43:22 UTC 2013


Hi all

I think I post about an OAuth question.

Will OpenStack Keystone use OAuth also, outside SAML?

This is an interesting discussion, which I am working on using CF UAA also.
Frans
On Oct 14, 2013 10:30 PM, "Joe Savak" <joe.savak at rackspace.com> wrote:

> Hi Rok,
>
>     Is there any reason why we can use pysaml2 (
> https://pypi.python.org/pypi/pysaml2) & (http://pythonhosted.org/pysaml2/)?
> We want to avoid building a custom solution if there’s one already out
> there. : )
>
> Thanks,
>
> joe
>
> *From:* Rok Kralj [mailto:os at rok-kralj.net]
> *Sent:* Monday, October 14, 2013 8:57 AM
> *To:* openstack at lists.openstack.org
> *Subject:* [Openstack] SAML support in OpenStack
>
> *Hello OpenStack community,*
>
> As you might remember, some time ago we had a quick discussion about
> supporting the SAML 2.0 protocol for identity management in federations as
> this is the protocol of big importance in business enterprise. At first,
> the discussion gained a fair amount of interest. Just to refresh our minds,
> here is the reference to the discussion on the mailing list:
>
> http://lists.openstack.org/pipermail/openstack/2013-August/000401.html
>
> The initial manifesto<https://blueprints.launchpad.net/keystone/+spec/virtual-idp> was
> published by Joe Savak, however, it has been in a drafting stage for quite
> some time now and we would like it to gain some traction on the matter.
> Maybe this is the time to further discuss the overall architecture<https://wiki.openstack.org/wiki/File:Virtual_Identity_Providers.png>,
> collecting as many opinions as possible.
>
> Our company (XLAB) has been working on an EU funded Contrail project.
> Among other things, we have worked on the components providing discussed
> mechanisms, just using different technologies (SimpleSAMLphp, a mature SAML
> solution, also providing a plethora of other bindings).
>
> We are willing to contribute our time and resources towards the
> implementation of this functionality in Python if needed and working with
> you on further extension of the idea. We are currently examining these two
> SAML libraries that might suit our (OpenStack's) needs:
>
> http://lasso.entrouvert.org/ (GNU GPL)
>
> http://pythonhosted.org/authentic2/index.html (GNU AGPL 3)
>
> However, considering the fact that they are not actively developed anymore
> and are, in fact, quite heavy dependencies with a C backend, we might be
> better off writing our own custom solution, despite the effort needed to
> achieve that.
>
> We are looking forward to your reply and to working with you,
> Rok Kralj, XLAB research, Slovenia