[Openstack] State of OpenStack Auth

Eric Day eday at oddments.org
Tue Mar 1 20:59:25 UTC 2011

Well, hopefully with a shared, modular service, we can add a token
module that uses cookies instead. :)


On Tue, Mar 01, 2011 at 09:53:36PM +0100, Soren Hansen wrote:
> On a subject of authentication, I've always been puzzled why the token
> isn't just set as a standard http cookie?
> If it were, it would be dead simple to render a bit of HTML and
> interact with the API directly from a web server. The EC2 API can't do
> this because of the rather complex signature mechanism, but we're so
> incredibly close, yet so depressingly far away from being able to do
> this.
> -- 
> Soren Hansen
> Ubuntu Developer    http://www.ubuntu.com/
> OpenStack Developer http://www.openstack.org/

More information about the Openstack mailing list