c339189b44
Switch to using the self-contained django_openstack_auth package which is a proper django.contrib.auth pluggable backend. Notable functional improvements include: * Better overall security via use of standard Django auth code (well-vetted by security experts). * Token expiration checking. * User "enabled" attribute checking. * Support for full range of Django auth attributes such as is_anonymous, is_active, is_superuser, etc. * Improved hooks for RBAC/permission-based acess control. Regarding the RBAC/permission-based access control, this patch moves all "role" and "service"-oriented checks to permission checks. This will make transitioning to policy-driven checking much easier once that fully lands in OpenStack. Implements blueprint move-keystone-support-to-django-auth-backend Change-Id: I4f3112af797aff8c4c5e9930c6ca33a70e45589d |
||
---|---|---|
.. | ||
en/LC_MESSAGES | ||
es/LC_MESSAGES | ||
fr/LC_MESSAGES | ||
ja/LC_MESSAGES | ||
pl/LC_MESSAGES | ||
pt/LC_MESSAGES | ||
zh_CN/LC_MESSAGES | ||
zh_TW/LC_MESSAGES |