I've received a couple emails from folks interested in federation for Keystone, ranging from testing federation to fix bugs and implement blueprints.
I've been keeping a list of Federation specific work items for Keystone, I've tried to attach names to some of the items that have already been started.
If you're interested in helping out, find an item below and shoot me an email (cc dolphm) with details about how you can help.
- Keystone to Keystone Federation
- blueprint here: https://blueprints.launchpad.net/keystone/+spec/keystone-to-keystone-federation
- Lots of interested parties here, but no one has yet to post a patch about this
- If anyone can help implement this part, or help in crafting the API please let me know.
- Doc'ing this portion would be extremely important, too.
- Supporting different protocols
- OpenIDConnect support
- blueprint here: https://blueprints.launchpad.net/keystone/+spec/auth-plugin-openid-connect
- Implementation from stevemar here: https://review.openstack.org/#/c/61662/15
- Reviews wanted!
- ABFAB protocol support
- Waiting on an apache module
- OpenIDConnect support
- SAML Client work in keystoneclient
- Active patch from marekd here: https://review.openstack.org/#/c/92166/
- Reviews wanted!
- How can we gate on federation configurations
and perform real tempest tests?
- If anyone has *any* ideas on this, please share - the keystone team is stumped on this one.
- Auditing support for federated users
- Need a blueprint for this topic
- Any takers for implementation?
- Mapping engine enhancements
- Trusted Attributes
- blueprint here: https://blueprints.launchpad.net/keystone/+spec/trusted-attribute-issuing-policy
- ksiu has the API spec here: https://review.openstack.org/#/c/60489/
- Bugs (brought up by others as possible
optimizations)
- Prioritize users / groups rules
- Add domain support
- Make groups a wildcard
- Trusted Attributes
- Federated Keystone and Horizon
- Completely open-ended, there isn't much an expectation that we deliver this in Juno, but it's something we should start thinking about.
- Docs for everything!
Regards,
Steve Martinelli
Software Developer - Openstack
Keystone Core Member
|
| |
| Phone:
1-905-413-2851 E-mail: steve...@ca.ibm.com |
8200 Warden Ave Markham, ON L6G 1C7 Canada |
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
