1041903 – [RFE][keystone]: Basic-Auth

Bug 1041903 - [RFE][keystone]: Basic-Auth

Summary: [RFE][keystone]: Basic-Auth

Keywords:
Status:	CLOSED UPSTREAM
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	RFEs
Sub Component:
Version:	unspecified
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	low
Target Milestone:	---
Target Release:	---
Assignee:	RHOS Maint
QA Contact:
Docs Contact:
URL:	https://blueprints.launchpad.net/keys...
Whiteboard:	upstream_milestone_none upstream_stat...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-12-12 19:59 UTC by RHOS Integration
Modified:	2015-11-20 19:22 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-03-19 16:54:22 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description RHOS Integration 2013-12-12 19:59:20 UTC

Cloned from launchpad blueprint https://blueprints.launchpad.net/keystone/+spec/basic-auth.

Description:

Passing in the userid/password in the body of a request is at odds with the way that the browsers expect authentication to work.  Keystone should be able to accept userid and password via basic-auth in order to allow browser based operations against Keystone.  Once created, the token can live in a secure cookie.  TO prevent XSRF attacks, a standard header will enforce that the referring web page must be Keystone itself.  A future extension will deal with CORS support.

Specification URL (additional information):

None

Note You need to log in before you can comment on or make changes to this bug.