[Pulp-list] Feedback needed: new user/auth system in 3.0
Richard Grainger
grainger at gmail.com
Tue Jul 19 15:18:08 UTC 2016
1. We use the api to script creation of Pulp users and roles
2. We use the api to script assignment of permissions on repos to Pulp
roles and users.
3. Users authenticate against our directory using Kerberos
(mod_auth_kerb). Subsequent auths can be done using the certificate
granted by Pulp until the cert expires and then kerberos must be used
to once again get a new cert.
This took a while to get right, but it works for us now.
On Fri, Jul 15, 2016 at 8:29 PM, Michael Hrivnak <mhrivnak at redhat.com> wrote:
> As many of you know, we are switching from mongodb to postgres in Pulp 3.0.
> This will come with quite a few changes. For one in particular, we need your
> input about how you use Pulp's user and permission system. Anything you can
> tell us about how you use the current user/perm system would be very
> helpful. We are considering the use of Django's built-in user/auth system
> [0] as a replacement for what Pulp currently has.
>
> If we hear silence, we might be more likely to change things, so let us know
> what is important to you.
>
> Have you integrated Pulp with a separate authentication source? Which one?
>
> Do you assign permissions to specific users? How granular do you need that
> to be?
>
> Have you created "roles" in Pulp?
>
> Anything else you want us to know or to think about?
>
> If you would like to provide input confidentially, you are welcome to
> contact me directly.
>
> [0] https://docs.djangoproject.com/en/1.8/topics/auth/
>
> Thank you!
> Michael
>
> _______________________________________________
> Pulp-list mailing list
> Pulp-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pulp-list
More information about the Pulp-list
mailing list