[Openstack] State of OpenStack Auth

Soren Hansen soren at ubuntu.com
Tue Mar 1 20:53:36 UTC 2011

On a subject of authentication, I've always been puzzled why the token
isn't just set as a standard http cookie?

If it were, it would be dead simple to render a bit of HTML and
interact with the API directly from a web server. The EC2 API can't do
this because of the rather complex signature mechanism, but we're so
incredibly close, yet so depressingly far away from being able to do

Soren Hansen
Ubuntu Developer    http://www.ubuntu.com/
OpenStack Developer http://www.openstack.org/

More information about the Openstack mailing list