Pluggable Identity Authentication Handlers
The functionality described in this blueprint aims to drive additional value into Keystone/OpenStack by adding support for pluggable authentication in a manner that's transparent across concrete identity drivers irrespective of the driver/
Blueprint information
- Status:
- Complete
- Approver:
- Joseph Heck
- Priority:
- Medium
- Drafter:
- Boden R
- Direction:
- Approved
- Assignee:
- Guang Yee
- Definition:
- Drafting
- Series goal:
- Accepted for grizzly
- Implementation:
-
Implemented
- Milestone target:
-
2013.1
- Started by
- Joseph Heck
- Completed by
- Dolph Mathews
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
blueprint pluggable-
Addressed by: https:/
Implements REMOTE_USER authentication support.
Notes from Adam:
-------
* Need to define the default set of acceptable auth mechanisms
* Provide a way to define a new auth mechanism
* Record the auth mechanism used inside the token
* Provide policy rules for enforcing multifactor
Addressed by: https:/
Added documentation for the external auth support
Addressed by: https:/
blueprint pluggable-
Gerrit topic: https:/
Addressed by: https:/
Fix example in documentation.