Open Stack

Thanks Ioram,

>From the keystone side: the one issue with listing IdPs is that some may
be private, so we're now looking to exploit the apache plugin data in the
environment (https://review.openstack.org/#/c/142743/), thus from the
horizon side the only data they need to send over would be the protocol
that the IdP uses.

What i'm taking away from some of the comments is to preserve the usual
(username and password) flow, and maybe it'll be easier to just list off
the protocols in a separate drop down (SAML and OpenID Connect).

Steve

Ioram Schechtman Sette <iss at cin.ufpe.br> wrote on 02/05/2015 06:04:36 AM:

> From: Ioram Schechtman Sette <iss at cin.ufpe.br>
> To: "OpenStack Development Mailing List (not for usage questions)" 
> <openstack-dev at lists.openstack.org>
> Date: 02/05/2015 06:14 AM
> Subject: Re: [openstack-dev] [horizon][keystone]
> 
> Hi Thai,
> 
> I agree with Anton that the names are not intuitive for users.

> I would use something like:
> - Local authentication (for local credentials)
> - ?? (I also have no idea of what is a Default protocol)
> - Authenticate using <name of IdPs or federation> (something which 
> is easy to the user understand that he could use or not - this is 
> for the discovery service or remote IdP)

> Here in the University of Kent we used another approach.
> Instead of selecting the method using a "list/combo" box, we present
> all the options in a single screen.
> I think it's not beautiful, but functional.
> I think it would be easier to the user if they could have all the 
> options in a single interface, since it doesn't become too much 
> loaded (visually polluted).
> 
> [image removed] 
> Regards,
> Ioram
> 
> 2015-02-05 9:20 GMT+00:00 Anton Zemlyanov <azemlyanov at mirantis.com>:
> Hi,
> 
> I guess "Credentials" is login and password. I have no idea what is 
> "Default Protocol" or "Discovery Service".
> The proposed UI is rather embarrassing.
> 
> Anton
> 
> On Thu, Feb 5, 2015 at 12:54 AM, Thai Q Tran <tqtran at us.ibm.com> wrote:
> Hi all,
> 
> I have been helping with the websso effort and wanted to get some 
feedback.
> Basically, users are presented with a login screen where they can 
> select: credentials, default protocol, or discovery service.
> If user selects credentials, it works exactly the same way it works 
today.
> If user selects default protocol or discovery service, they can 
> choose to be redirected to those pages.
> 
> Keep in mind that this is a prototype, early feedback will be good.
> Here are the relevant patches:
> https://review.openstack.org/#/c/136177/
> https://review.openstack.org/#/c/136178/
> https://review.openstack.org/#/c/151842/
> 
> I have attached the files and present them below:
> 
> [image removed] [image removed] [image removed] [image removed] 
> 
> 

> 
__________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: 
OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

> 
> 
> 
__________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: 
OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

> 
__________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: 
OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150205/9cd82986/attachment.html>