[openstack-dev] [keystone] Liberty SPFE Request - IDP Specific WebSSO
Lance Bragstad
lbragstad at gmail.com
Tue Aug 18 19:59:37 UTC 2015
Just following up the thread; this was voted on during the Keystone meeting
today and the SPFE has been granted [0].
http://eavesdrop.openstack.org/irclogs/%23openstack-meeting/%23openstack-meeting.2015-08-18.log.html#t2015-08-18T18:03:37
On Thu, Aug 13, 2015 at 9:49 AM, Morgan Fainberg <morgan.fainberg at gmail.com>
wrote:
> To be fair this is pushing late into the cycle for adding a new target for
> Liberty. We already have a very large body of code that has historically
> not received consistent reviewing. My concern is that we're again rushing
> things in at the wire and will get a substandard implementation.
>
> I wont block this, but as with the other spec freeze exceptions we will
> vote at the next keystone meeting on accepting this spec freeze exception.
>
> Please make sure to add it to the weekly meeting and feel free to continue
> this discussion here on the ML to cover justifications etc.
>
> --Morgan
>
> Sent via mobile
>
> On Aug 12, 2015, at 16:20, Lance Bragstad <lbragstad at gmail.com> wrote:
>
> Hey all,
>
>
> I'd like to propose a spec proposal freeze exception for IDP Specific
> WebSSO [0].
>
> This topic has been discussed, in length, on the mailing list [1], where
> this spec has been referenced as a possible solution [2]. This would allow
> for multiple Identity Providers to use the same protocol. As described on
> the mailing list, this proposal would help with the public cloud cases for
> federated authentication workflows, where Identity Providers can't be
> directly exposed to users.
>
> The flow would look similar to what we already do for federated
> authentication [3], but it includes adding a call in step 3. Most of the
> code for step 3 already exists in Keystone, it would more or less be adding
> it to the path.
>
>
> Thanks!
>
>
> [0] https://review.openstack.org/#/c/199339/2
> [1]
> http://lists.openstack.org/pipermail/openstack-dev/2015-August/071131.html
> [2]
> http://lists.openstack.org/pipermail/openstack-dev/2015-August/071571.html
> [3] http://goo.gl/lLbvE1
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150818/ea8c245e/attachment-0001.html>
More information about the OpenStack-dev
mailing list