openstack
/
horizon
Code Issues Proposed changes
horizon/horizon/views
History
Gabriel Hurley c339189b44 Auth refactor. 
Switch to using the self-contained django_openstack_auth
package which is a proper django.contrib.auth pluggable
backend.

Notable functional improvements include:

  * Better overall security via use of standard Django
    auth code (well-vetted by security experts).
  * Token expiration checking.
  * User "enabled" attribute checking.
  * Support for full range of Django auth attributes
    such as is_anonymous, is_active, is_superuser, etc.
  * Improved hooks for RBAC/permission-based acess control.

Regarding the RBAC/permission-based access control, this
patch moves all "role" and "service"-oriented checks to
permission checks. This will make transitioning to
policy-driven checking much easier once that fully lands
in OpenStack.

Implements blueprint move-keystone-support-to-django-auth-backend

Change-Id: I4f3112af797aff8c4c5e9930c6ca33a70e45589d
 		2012-07-09 16:57:52 -07:00
..
__init__.py Auth refactor. 2012-07-09 16:57:52 -07:00
base.py Auth refactor. 2012-07-09 16:57:52 -07:00