My Keystone To do list Fall 2012

Once again it is time to brain dump the things I want to make happen in the next release of Open Stack.

  • External Authentication: Make it so we can use the Web servers authentication mechanism to log in to Keystone, as opposed to requiring UserId/Password in a JSON document
  • Make it possible to enable basic authentication in Eventlet used for Keystone
  • Promote HTML to a first class citizen:    Navigation throughout the Keystone server should be possible via browser, using Hyperlinks.  All pages for V3 API should responds with HTML unless a specific content type is requested.
  • Keystone Federation:  I am more than happy to surrender this task, as there seem to be many people interested, but we have to make sure the solution works for all interested parties.
  • TLS/LDAPS support
  • Pass through authentication to a corporate LDAP server
  • Refactor the authentication code that is used in service.py and elsewhere.
  • Investigate the performance aspects of PKI tokens versus UUID Tokens.
  • Perform the  OpenSSL operations  for PKI without forking
  • Simplify the deployment of auth_token middleware.

This is my list as I see it right now.  We have a lot of planning to do in the next couple of months that will prioritize these items, and also add/delete items from this list.

(I accidentally posted a very short draft of the post before.  My apologies for the unnecessary traffic.)

Leave a Reply

Your email address will not be published. Required fields are marked *