[Openstack] Federated Identity Management (bursting and zones)

Jon Slenk jslenk at internap.com
Wed Mar 30 19:36:52 UTC 2011

On Wed, Mar 30, 2011 at 11:57 AM, Sandy Walsh <sandy.walsh at rackspace.com> wrote:
> http://wiki.openstack.org/ZonesOauth

"At this point the user will be asked to confirm the request (assuming
this is the first interaction the user has had with this Zone). So,
here's an authenticated user getting this seemingly random prompt
"ServiceProvider.DataCenter.Tower2 would like access to your
Permissions. Will you grant this?" Huh? That would make no sense. Even
less given the fact that the user had to authenticate to get to Zone A
in the first place (her credentials have already been given to the
client tool). "

I think that if the system used capabilities/ZBAC then there would be
no such weird prompting.


More information about the Openstack mailing list