[openstack-dev] [TripleO][Tuskar] Dealing with passwords in Tuskar-API
Ladislav Smola
lsmola at redhat.com
Thu Feb 20 07:05:41 UTC 2014
On 02/19/2014 08:05 PM, Dougal Matthews wrote:
> On 19/02/14 18:49, Hugh O. Brock wrote:
>> On Wed, Feb 19, 2014 at 06:31:47PM +0000, Dougal Matthews wrote:
>>> On 19/02/14 18:29, Jason Rist wrote:
>>>> Would it be possible to create some token for use throughout? Forgive
>>>> my naivete.
>>>
>>> I don't think so, the token would need to be understood by all the
>>> services that we store passwords for. I may be misunderstanding
>>> however.
>>>
>> Hmm... isn't this approximately what Keystone does? Accept a password
>> once from the user and then return session tokens?
>
> Right - but I think the heat template expects passwords, not tokens. I
> don't know how easily we can change that.
>
We most probably can't. Most of the passwords are sent to keystone to
setup services. Etc.
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
More information about the OpenStack-dev
mailing list