On 2015-04-16 15:57:10 +0300 (+0300), Vladislav Kuzmin wrote:
[...]
> I've used this documentation
> http://docs-draft.openstack.org/99/165199/7/check/gate-openstackid-docs/8797c5d//doc/build/html/oauth2.html
[...]
By the way, the documentation for it is now continuously published
to http://ci.ope
Vlad,
The relevant information is documented here:
http://docs-draft.openstack.org/99/165199/7/check/gate-openstackid-docs/8797c5d//doc/build/html/openid.html#openid-2-0-request-authentication-response
You must first make the OpenID request in order to get the correct
identifier. As Sebastian
Vladislav , oauth2 is not meant for authentication, is meant for
authorization, if you use oauth2 for authentication, then you are
introducing some security issues on your app
http://www.thread-safe.com/2012/01/problem-with-oauth-for-authentication.html
if you want to authenticate your users in a
Sebastian, I've used only OAuth2.0 (not OpenID) for obtain an access_token
and I've used this documentation
http://docs-draft.openstack.org/99/165199/7/check/gate-openstackid-docs/8797c5d//doc/build/html/oauth2.html
. When I got the access_token, I called "OAuth 2.0 Rest API" for get info
about the
On 03/04/15 17:52, Monty Taylor wrote:
Could do better: ACLs for Vulnerability management
>>--
>
>I'd love to learn how wikimedia is working with this.
http://www.mediawiki.org/wiki/Phabricator/Security
tl;dr They have added a security dropdown
On 03/04/15 17:57, Monty Taylor wrote:
On 04/03/2015 11:44 AM, Michael Krotscheck wrote:
>This proposal is all well and good, however (no offense intended) Monty's
>got a history of putting out neat proposals and leaving "someone else" to
>support it. Without identifying a dedicated person/resou
On 03/04/15 18:06, Jeremy Stanley wrote:
On 2015-04-03 11:54:00 -0400 (-0400), Sean Dague wrote:
[...]
2) is there an event stream of changes (either real time or rss) that
can be consumed by said tools? Having the change stream would be really
helpful.
Which relates to a feature request we he
Vladislav in order to user oauth 2.0, i am assuming that you are doing
first an openid request, on the openid response ( possitive assertion
http://openid.net/specs/openid-authentication-2_0.html#positive_assertions)
you will get param "openid.claimed_id", that one contains the openid url
that aft
Here you can find slides with general user stories:
- create user account
- access to resource required user auth in Web UI
- access to resource required user auth in CLI client
https://docs.google.com/presentation/d/1v7exKKL1zSA102Xu8FkY1u9rMVUE6BjwUCoWGYYvbaI/edit#slide=id.g9870fa983_0
In this ticket https://storyboard.openstack.org/#!/story/2000239 is
mentioned only about OpenID. If I will be use OAuth2.0, how I can
distinguish between users?
I guess that User API
http://docs-draft.openstack.org/99/165199/7/check/gate-openstackid-docs/8797c5d//doc/build/html/restapi/v1.html#user
10 matches
Mail list logo