Ziad, thanks the quick edits. One more quick question, mostly because I haven't followed the full keystone discussions. How does this API relate (if at all) to: http://wiki.openstack.org/FederatedAuthZwithZones
Specifically, around resource groups and federated authentication. tia, a. On Sat, Jun 11, 2011 at 11:40 AM, Ziad Sawalha <[email protected]>wrote: > I've updated the dev guide with your suggestions: > - Section 4.4 explains the GET /tenants call needs to be authenticated and > the examples now show passing in the authentication header. > - Section 5.2.1 is new and talks about authenticating for the Admin API and > puts in a reference for bootstrapping the system (creating a first > administrator). Here, I've left it as a reference to the admin guide which > is yet to be developed (jaypipes volunteered to help us create that in RST), > but I also refer to the readme which today has instructions for setting up > your Keystone instance. > > Let me know if that gets you going, Andi. > > Regards, > Ziad > > > From: Ziad Sawalha <[email protected]> > Date: Sat, 11 Jun 2011 14:44:12 +0000 > To: Andiabes <[email protected]> > > Cc: "[email protected]" <[email protected]> > Subject: Re: [Openstack] OpenStack Identity: Keystone API Proposal > > Your guess is correct. The only calls you should be able to make without > having a token are the calls to discover the service (getting version info, > WADL contract, dev guide, help, etc…) and to get a token. After that, all > other calls require passing in a token. > > On the Admin APIs, the token passed in must have the necessary > administrative privileges. > > To bootstrap Keystone with a blank identity store, you can execute > bin/keystone-manage to create your initial administrative identity(ies). > > If you use the sample data creation script provided, it will create an > admin user (and create a token for that user) which you can use. > > We'll clarify that in the dev guide. > > Thanks Andi > > Ziad > > From: Andiabes <[email protected]> > Date: Fri, 10 Jun 2011 21:08:18 -0400 > To: Ziad Sawalha <[email protected]> > Cc: "[email protected]" <[email protected]> > Subject: Re: [Openstack] OpenStack Identity: Keystone API Proposal > > It might be useful to include in the API guide some information about > authentication to keystone itself. I.e when requesting a list of > users,tenants etc the requestor should somehow authenticate itself > I'm guessing that the flow involve acquiring a token that authenticates the > user to keystone as a user who has privileges to manage the relevant > entities.? > > Sent from my iPad > > On Jun 10, 2011, at 7:24 PM, Ziad Sawalha <[email protected]> > wrote: > > Time flies! It's June 10th already. In my last email to this community I > had proposed today as the day to lock down the Keystone API so we can > finalize implementation by Diablo-D2 (June 30th). > > We've been working on this feverishly over the past couple of weeks and > have just pushed out a proposed API > here:<https://github.com/rackspace/keystone/raw/master/keystone/content/identitydevguide.pdf> > https://github.com/rackspace/keystone/raw/master/keystone/content/identitydevguide.pdf > > For any and all interested, the original source and code is on Github > (<https://github.com/rackspace/keystone/raw/master/keystone/content/identitydevguide.pdf> > https://github.com/rackspace/keystone), along with the current > implementation of Keystone, examples, sample data, tests, instructions, and > all the goodies we could muster to put together. The project also lives on > Launchpad at <http://launchpad.net/keystone>http://launchpad.net/keystone. > > The API we just put out there is still a proposal. We're going to be > focusing on the implementation, but would still love to get community input, > feedback, and participation. > > Have a great weekend and regards to all, > > Ziad > > > > > Confidentiality Notice: This e-mail message (including any attached or > embedded documents) is intended for the exclusive and confidential use of the > individual or entity to which this message is addressed, and unless otherwise > expressly indicated, is confidential and privileged information of Rackspace. > Any dissemination, distribution or copying of the enclosed material is > prohibited. > If you receive this transmission in error, please notify us immediately by > e-mail > at [email protected], and delete the original message. > Your cooperation is appreciated. > > _______________________________________________ > Mailing list: <https://launchpad.net/~openstack> > https://launchpad.net/~openstack > Post to : <[email protected]>[email protected] > Unsubscribe : <https://launchpad.net/~openstack> > https://launchpad.net/~openstack > More help : <https://help.launchpad.net/ListHelp> > https://help.launchpad.net/ListHelp > > Confidentiality Notice: This e-mail message (including any attached or > embedded documents) is intended for the exclusive and confidential use of the > individual or entity to which this message is addressed, and unless otherwise > expressly indicated, is confidential and privileged information of Rackspace. > Any dissemination, distribution or copying of the enclosed material is > prohibited. > If you receive this transmission in error, please notify us immediately by > e-mail > at [email protected], and delete the original message. > Your cooperation is appreciated. > > _______________________________________________ Mailing list: > https://launchpad.net/~openstack Post to : > [email protected] : > https://launchpad.net/~openstack More help : > https://help.launchpad.net/ListHelp > > Confidentiality Notice: This e-mail message (including any attached or > embedded documents) is intended for the exclusive and confidential use of the > individual or entity to which this message is addressed, and unless otherwise > expressly indicated, is confidential and privileged information of Rackspace. > Any dissemination, distribution or copying of the enclosed material is > prohibited. > If you receive this transmission in error, please notify us immediately by > e-mail > at [email protected], and delete the original message. > Your cooperation is appreciated. > >
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : [email protected] Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
