LAVA Tool

Token-based authentication support for Lava components

Registered by Michael Hudson-Doyle on 2011-05-10

We want to add the ability to generate a token that allows authenticated XML-RPC apis calls to the Django-based components of Lava.

For now we will (slightly) abuse HTTP Basic auth (over SSL) to communicate the token to the server -- this is very very easy because the standard library xmlrpclib supports Basic. The server side will be part of linaro-django-xmlrpc (and not a middleware).

Also see https://blueprints.launchpad.net/linaro-django-xmlrpc/+spec/other-o-linaro-xml-rpc-auth-tokens

Read the full specification

Blueprint information

Status:: Complete

Approver:: Paul Larson

Priority:: Essential

Drafter:: Michael Hudson-Doyle

Direction:: Approved

Assignee:: Michael Hudson-Doyle

Definition:: Approved

Series goal:: Accepted for linaro-11.11

Implementation:: Implemented

Milestone target:: 2011.06

Started by: Michael Hudson-Doyle on 2011-06-14

Completed by: Michael Hudson-Doyle on 2011-06-24

Related branches

Related bugs

Sprints

Whiteboard

(?)

Work Items

Work items:
define how we store auth token: DONE
define "whoami" api for checking tokens: DONE
implement auth-add command: DONE
implement auth-list command: POSTPONED
implement auth-remove command: POSTPONED
implement AuthenticatedServerProxy class: INPROGRESS
implement some kind of SSL certificate checking: POSTPONED

This blueprint contains Public information

Everyone can see this information.

Subscribers

Fathi Boudra

Paul Larson