How is it done in other OpenStack services? Don't they have the same problem? Do they all require admin privileges? Alex From: FERNANDO LOPEZ AGUILAR <fla at tid.es> To: Alex Glikson/Haifa/IBM at IBMIL, Cc: "fiware-cloud at lists.fi-ware.eu" <fiware-cloud at lists.fi-ware.eu> Date: 07/11/2012 12:28 PM Subject: Re: [FIWARE] Administrator token Hi Alex, Thank you for your response. The normal functionality is the following, when I receive a token from the user in order to process some operation. I need to validate this token sending a message to the Keystone service. This request needs its own security token, different from the token received from the users. The problem is that we (I) was working internally with a permanent token from the keystone in order to request those validations, but I have not the permanent administration token from your keystone node. I hope that you understand now. PD: We of course was the SM, I used it due to I was thinking about my team :-P Fernando López Aguilar Cloud Computing fla at tid dot es +34 914 832 729 Telefónica I+D (R&D) Ronda de la Comunicación s/n Distrito C, Edificio Oeste 1, Planta 5 28050 Madrid, Spain El 07/11/2012, a las 11:19, Alex Glikson escribió: Can you elaborate? What do you mean by "we"? SM? Aren't the operations supposed to be invoked on behalf of the user who owns the service? How is it done in other similar cases? Sorry, I am not a security expert.. Alex From: FERNANDO LOPEZ AGUILAR <fla at tid.es> To: Alex Glikson/Haifa/IBM at IBMIL, Cc: "fiware-cloud at lists.fi-ware.eu" <fiware-cloud at lists.fi-ware.eu> Date: 05/11/2012 07:22 PM Subject: [FIWARE] Administrator token Dear Alex at all, In order to validate the requests received from a user, we need to validate it with the keystone, this operation require that we have an administrator token. If we do not have it we have to generate a normal token each 24 hours, which introduce lots of complexity due to we have to store it in DB together with the time of it. It is possible that you provide me this administrator token? Fernando López Aguilar Cloud Computing fla at tid dot es +34 914 832 729 Telefónica I+D (R&D) Ronda de la Comunicación s/n Distrito C, Edificio Oeste 1, Planta 5 28050 Madrid, Spain Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra política de envío y recepción de correo electrónico en el enlace situado más abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at: http://www.tid.es/ES/PAGINAS/disclaimer.aspx[attachment "PastedGraphic-1.tiff" deleted by Alex Glikson/Haifa/IBM] Este mensaje se dirige exclusivamente a su destinatario. Puede consultar nuestra política de envío y recepción de correo electrónico en el enlace situado más abajo. This message is intended exclusively for its addressee. We only send and receive email on the basis of the terms set out at: http://www.tid.es/ES/PAGINAS/disclaimer.aspx[attachment "PastedGraphic-1.tiff" deleted by Alex Glikson/Haifa/IBM] -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.fiware.org/private/old-fiware-cloud/attachments/20121107/17dec37e/attachment.html>
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy