[openstack-dev] [horizon][keystone]
Lin Hua Cheng
os.lcheng at gmail.com
Sat Nov 14 02:59:23 UTC 2015
David,
FYI, I've submitted a patch to enable registering Identity Providers in
horizon:
https://review.openstack.org/#/c/244991/
The next logical step for this is to look at the IdP mapping.
I can follow-up on the work by Anton to add that support for horizon.
Can you send me the code and documents you may have related to this?
Thanks,
Lin
On Wed, Oct 7, 2015 at 11:12 AM, David Chadwick <d.w.chadwick at kent.ac.uk>
wrote:
>
>
> On 07/10/2015 18:29, Adam Young wrote:
> > On 10/07/2015 11:51 AM, Adam Young wrote:
> >> Send me what you have, and I will post it as a Work in progress review
> >> against Horizon. That way at least it will be available for others to
> >> look at and potentially adopt.
> >
> > Review has been posted here
> > https://review.openstack.org/232114
> >
>
> thanks Adam
>
> >
> > I made a best guess as far as where it it should be placed in the source
> > tree. I have not tested the code.
> >
> > David and I have both signed the CLA. I am fairly certon Anton did not.
> > It would be easiest for OpenStack to accept this code if he did, as
> > there would be no question about copyright or licensing.
>
> Legally speaking it is not necessary, since any code produced by
> students as part of their degree course does not belong to them.
> However, it would be courteous of us to ask him, so I have done this.
>
> >
> > David also provided me with a PDF version of Anton's dissertation. I do
> > not know what the status of that document, but it would be a great
> > resource to anyone that wants to take this code and get it integrated
> > into Horizon.
>
> This can be made publicly available after the exam board next month.
> Until then I will give out personal copies for private study.
>
> regards
>
> David
>
> >
> > This does not look like a radical stretch. It would be a decent
> > opportunity for anyone looking to get involved with OpenStack to step
> > into something immediately.
> >
> >
> >
> >
> >>
> >>
> >>
> >> On 10/07/2015 11:37 AM, David Chadwick wrote:
> >>> Hi Douglas
> >>>
> >>> we are happy for you (or someone else) to submit the code in 3 names:
> >>> theirs, mine and Anton's. Then this third person can do all the work
> >>> necessary to get it approved. In this way it is legitimate, since the
> >>> third person will have contributed to the overall effort.
> >>>
> >>> I dont have any spare time yet for another month or so. After that I
> >>> could submit it, but having never done it before for Horizon, there
> will
> >>> be a big learning curve. And I might not have time to learn it
> >>>
> >>> regards
> >>>
> >>> David
> >>>
> >>> On 07/10/2015 16:05, Douglas Fish wrote:
> >>>> Hi David,
> >>>> This sounds like a great set of code, I'm sure we are going to
> >>>> realize
> >>>> we want it sooner or later! Unfortunately I can't consume code in this
> >>>> way (I can't propose code written by somebody else) and I can't spend
> >>>> significant time on it right now.
> >>>> Would you or Anton be willing to propose whatever code and
> >>>> documentation
> >>>> you have to Horizon? It doesn't have to be complete; it doesn't need
> to
> >>>> have grammar cleaned up or anything like that. You could mark it as a
> >>>> "Work in progress", and make it clear in the commit message that you
> >>>> aren't planning further work on this, so the patch is available for
> >>>> adoption. That way somebody else may be able to pick this up and
> >>>> work on
> >>>> it in the future, but Anton could get credit for the work he has done.
> >>>>
> >>>> Doug Fish
> >>>>
> >>>> ----- Original message -----
> >>>> From: David Chadwick <d.w.chadwick at kent.ac.uk>
> >>>> To: OpenStack Development Mailing List
> >>>> <openstack-dev at lists.openstack.org>
> >>>> Cc:
> >>>> Subject: [openstack-dev] [horizon][keystone]
> >>>> Date: Tue, Oct 6, 2015 2:13 PM
> >>>> Dear All
> >>>>
> >>>> One of my students, Anton Brida, has developed an Attribute
> >>>> Mapping GUI
> >>>> for Horizon as part of his MSc project. Attribute mappings are an
> >>>> essential, though complex, part of federated Keystone.
> >>>> Currently they
> >>>> can only be created as JSON objects in the config file. The
> >>>> Horizon code
> >>>> allows them to be dynamically created via an easy to use GUI.
> >>>>
> >>>> Since Anton has now left the university for full time
> >>>> employment, he is
> >>>> not able to go through the process of submitting his code to
> >>>> the next
> >>>> release of Horizon. His design however was submitted to
> >>>> InVision and
> >>>> commented on by various people at the time of the development.
> >>>>
> >>>> I am now looking for someone who would like to take a copy of
> >>>> this code
> >>>> and go through the process of submitting this to the next
> >>>> release of
> >>>> Horizon. I have a copy of Anton's MSc dissertation as well which
> >>>> explains the work that he has done.
> >>>>
> >>>> All the attribute mapping features are supported in Anton's code
> >>>> (groups, users, direct mapping, multiple attribute values etc.)
> >>>> However the whitelist/blacklist feature is not, since this was
> >>>> not fully
> >>>> incorporated into Keystone when Anton was doing his
> >>>> implementation. (I
> >>>> am still not sure if it has been.)
> >>>>
> >>>> The code has a couple of known bugs:
> >>>>
> >>>> 1. when a user tries to enter an email address into an
> >>>> attribute value
> >>>> (i.e. username at example.com) and saves the mapping rule into the
> >>>> database, after reloading the new list of mappings rules the
> >>>> interface
> >>>> does not work as intended. The particular reason why this is
> >>>> happening
> >>>> is yet unknown. The only way to avoid such disruption is to
> >>>> delete the
> >>>> faulty mapping rule from the table. After removing the faulty
> >>>> rule the
> >>>> interface works as intended.
> >>>>
> >>>> 2. Some of the descriptive text needs improvement due to
> incorrect
> >>>> grammar.
> >>>>
> >>>> There is also the following suggested enhancement which can be
> >>>> added
> >>>> later:
> >>>>
> >>>> 1. After the mapping rules are created with the GUI, when they
> are
> >>>> displayed, they are still in JSON format. It would be nice to
> >>>> be able to
> >>>> display the rules in a table or similar.
> >>>>
> >>>> If you would like to take on the job of submitting this code to
> >>>> Horizon
> >>>> for review and incorporation, please contact me
> >>>>
> >>>> regards
> >>>>
> >>>> David
> >>>>
> >>>>
> __________________________________________________________________________
> >>>>
> >>>> OpenStack Development Mailing List (not for usage questions)
> >>>> Unsubscribe:
> >>>> OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> >>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> __________________________________________________________________________
> >>>>
> >>>> OpenStack Development Mailing List (not for usage questions)
> >>>> Unsubscribe:
> >>>> OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> >>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> >>>>
> >>>
> __________________________________________________________________________
> >>>
> >>> OpenStack Development Mailing List (not for usage questions)
> >>> Unsubscribe:
> >>> OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> >>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> >>
> >>
> >>
> __________________________________________________________________________
> >>
> >> OpenStack Development Mailing List (not for usage questions)
> >> Unsubscribe:
> >> OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> >
> >
> >
> __________________________________________________________________________
> > OpenStack Development Mailing List (not for usage questions)
> > Unsubscribe:
> OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> >
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20151113/b020a1e4/attachment.html>
More information about the OpenStack-dev
mailing list