Mikhail Fedosin wrote: > Does the above mean you are implementing a share secret storage > solution or that you are going to use an existing solution like > Barbican that does that? > > Sectets is a plugin for Glare we developed for Nokia CloudBand > platform, and they just decided to opensource it. It doesn't > use Barbican, technically it is oslo.versionedobjects class. > > Sorry to hear that you opted not to use Barbican. > > I think it's only because Keycloak integration is required by Nokia's > system and Barbican doesn't support it.
Any technical reason why it couldn't be added to Barbican ? Any chance Keycloak integration could be added as a Castellan backend ? Secrets management is really one of those things that should *not* be reinvented in every project. It is easier to get wrong than people think, and you end up having to do security audits on 10 repositories instead of one. -- Thierry Carrez (ttx) __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
