Hi all, I have the following scenario:
1. On client machine A, a user obtains an auth token with a username and password. 2. The user can use the auth token to do operations on client machine A. 3. A thief steals the auth token, and do operations on client machine B. Can Keystone check the auth token's source IP (which is client machine A in the above example) to prevent thieves to use it? Does this feature exist? Or is it a work in progress? Thanks for the help! John
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : [email protected] Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
