[Openstack] State of OpenStack Auth
Soren Hansen
soren at ubuntu.com
Tue Mar 1 20:53:36 UTC 2011
On a subject of authentication, I've always been puzzled why the token
isn't just set as a standard http cookie?
If it were, it would be dead simple to render a bit of HTML and
interact with the API directly from a web server. The EC2 API can't do
this because of the rather complex signature mechanism, but we're so
incredibly close, yet so depressingly far away from being able to do
this.
--
Soren Hansen
Ubuntu Developer http://www.ubuntu.com/
OpenStack Developer http://www.openstack.org/
More information about the Openstack
mailing list