[openstack-dev] [keystone][middleware]: Use encrypted password in the service conf file
pnkk
pnkk2016 at gmail.com
Thu Oct 12 09:43:01 UTC 2017
Thanks, will look forward for https://review.openstack.org/#/c/454897/
Regards,
Kanthi Pavuluri
On Wed, Oct 11, 2017 at 7:46 PM, Lance Bragstad <lbragstad at gmail.com> wrote:
> This sounds like something that was discussed during the PTG. The oslo
> team was exploring ways to implement this, which would be consumable to
> keystonemiddleware as a library [0].
>
> [0] https://etherpad.openstack.org/p/oslo-ptg-queens
>
>
> On 10/11/2017 07:43 AM, pnkk wrote:
>
> Hi,
>
> We have our API server(based on pyramid) integrated with keystone for
> AuthN/AuthZ.
> So our service has a *.conf file which has [keystone_authtoken] section
> that defines all the stuff needed for registering to keystone.
>
> WSGI pipeline will first get filtered with keystone auth token and then
> get into our application functionality.
>
> Now as part of hardening, we want to save an encrypted password(admin
> password) in the conf file.
> Where should I put the decryption logic so it gets passed to the
> middleware in the needed format?
>
> Appreciate your help!
>
> Thanks,
> Kanthi
>
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribehttp://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20171012/b0b7a734/attachment.html>
More information about the OpenStack-dev
mailing list