[Openstack] Some of the libraries that can be reused for OpenStack Auth
Rostyslav Slipetskyy
rslipetskyy at yahoo.com
Sat Apr 30 16:51:41 UTC 2011
There exist a couple of Python libraries that might to be reused for OpenStack
Auth:
1. python-crack (http://pypi.python.org/pypi/python-crack/0.5) can be used
for evaluating password strength before registering users
2. PySAML2 (https://launchpad.net/pysaml2) can be used for adding SAML
functionality
Also, when developing a password storage functionality, a suggestion
from "Electronic Authentication Guideline" by NIST might be useful:
"store passwords concatenated to a salt and/or username and then hashed with
approved algorithm so that the computations used to conduct a dictionary or
exhaustion attack on a stolen password file are not useful to attack other
similar password files"
Best Regards,
Rostik
More information about the Openstack
mailing list