Answers in-line > 1) --endpoint_url: don't we have already a mechanism for specifying the > quantum service uri? [DG] Nopes, :)
> 2) 401 error: I think it should include the case of invalid credentials too, > leaving the 403 error for the authorization work. [DG] OK, I will update the bp with appropriate msgs > On caching: I reckon this is an interesting item to provide in the Quantum > service for limiting the number of auth calls to Keystone. It is out of scope > in this CLI work, but I think it might be totally in scope for the AuthN work. [DG] Its not very clear how is caching related to AuthN work, it has to be implemented in CLI (although not as part of this bp). Deepak > > Salvatore > >> -----Original Message----- >> From: netstack- >> bounces+salvatore.orlando=eu.citrix....@lists.launchpad.net >> [mailto:netstack- >> bounces+salvatore.orlando=eu.citrix....@lists.launchpad.net] On Behalf Of >> Deepak Garg >> Sent: 01 April 2012 10:36 >> To: Dan Wendlandt >> Cc: netstack@lists.launchpad.net >> Subject: Re: [Netstack] Quantum CLI Auth bp >> >> Regarding caching: >> As of today, caching strategies vary a lot between projects although they are >> a valid candidate for openstack-common. I don't see it being done in short >> term. >> >> My proposal is to ping openstack-common folks and see if we can include the >> basic auth code there and when other projects plan to align with it they can >> do. >> Similar thing could be planned for caching in future. >> >> Deepak >> >> >> On Sun, Apr 1, 2012 at 2:36 PM, Dan Wendlandt <d...@nicira.com> wrote: >> > >> > >> > On Fri, Mar 30, 2012 at 12:35 AM, Deepak Garg >> > <deepakgarg.i...@gmail.com> >> > wrote: >> >> >> >> Thanks Rohit for taking out time to go through the bp. >> >> >> >> Keystone may be implementing some caching but in case when the user >> >> has stored the Username credentials as env vars and he is using the >> >> quantum cli again and again, we wouldn't like to make the Auth call >> >> again and fetch a different token. So quantum has to take care of >> >> caching in future. >> >> Anyways, caching is not in the scope of this bp. I am currently >> >> watching nova's implementation and the issues they are facing with >> >> caching. When they are done, maybe we can steal some of the work. >> > >> > >> > It seems like this code required by all clients to do basic keystone >> > authentication would be a good candidate for openstack-common. Same >> > would presumably apply to any caching logic. I'll add a note >> > on: http://wiki.openstack.org/QuantumOpenstackCommon >> > >> > dan >> > >> >> >> >> On Fri, Mar 30, 2012 at 12:02 PM, Rohit Agarwalla (roagarwa) >> >> <roaga...@cisco.com> wrote: >> >> > Hi Deepak >> >> > >> >> > Thanks for sending the blueprint. I went through it and looks good. >> >> > The glance client behavior seems to be similar. >> >> > Re: the caching comment, I think keystone does have some caching >> >> > techniques implemented (for eg: to not create a new token if the >> >> > same username/password is provided in a 5 min interval). >> >> > >> >> > Thanks >> >> > Rohit >> >> >>-----Original Message----- >> >> >>From: netstack-bounces+roagarwa=cisco....@lists.launchpad.net >> >> >>[mailto:netstack-bounces+roagarwa=cisco....@lists.launchpad.net] >> On >> >> >>Behalf Of Deepak Garg >> >> >>Sent: Sunday, March 25, 2012 9:43 AM >> >> >>To: netstack@lists.launchpad.net >> >> >>Subject: [Netstack] Quantum CLI Auth bp >> >> >> >> >> >>HI All, >> >> >> >> >> >>Here is the bp for Quantum CLI Auth: >> >> >>http://wiki.openstack.org/QuantumCliAuth >> >> >>Please go through this well and share your comments/queries. >> >> >> >> >> >>The last section "Failure Cases and Messages" is incomplete and I >> >> >>am planning to edit it as I start implementing the bp and have a >> >> >>better idea of all the failure cases involved. >> >> >> >> >> >> >> >> >>Cheers, >> >> >> >> >> >>Deepak Garg, >> >> >>Data Center and Cloud Div. >> >> >>Citrix R&D, India >> >> >>Skype-id: deepakgarg.iit >> >> >> >> >> >>-- >> >> >>Mailing list: https://launchpad.net/~netstack Post to : >> >> >>netstack@lists.launchpad.net Unsubscribe : >> >> >>https://launchpad.net/~netstack More help : >> >> >>https://help.launchpad.net/ListHelp >> >> >> >> >> >> >> >> -- >> >> >> >> Deepak Garg, >> >> Data Center and Cloud Div. >> >> Citrix R&D, India >> >> Skype-id: deepakgarg.iit >> >> >> >> -- >> >> Mailing list: https://launchpad.net/~netstack Post to : >> >> netstack@lists.launchpad.net Unsubscribe : >> >> https://launchpad.net/~netstack More help : >> >> https://help.launchpad.net/ListHelp >> > >> > >> > >> > >> > -- >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> > Dan Wendlandt >> > Nicira Networks: www.nicira.com >> > twitter: danwendlandt >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> > >> >> >> >> -- >> >> Deepak Garg, >> Data Center and Cloud Div. >> Citrix R&D, India >> Skype-id: deepakgarg.iit >> >> -- >> Mailing list: https://launchpad.net/~netstack >> Post to : netstack@lists.launchpad.net >> Unsubscribe : https://launchpad.net/~netstack >> More help : https://help.launchpad.net/ListHelp -- Deepak Garg, Data Center and Cloud Div. Citrix R&D, India Skype-id: deepakgarg.iit -- Mailing list: https://launchpad.net/~netstack Post to : netstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~netstack More help : https://help.launchpad.net/ListHelp
