Federated AAI Implementation
Technical implementations of the federated AAI scenario
This page deals with the implementation of the AAI scenario in the various services. For one, we need to look into each of the middlewares and how to hook the authentication (X.509) and authorization (XACML) into them. Before that, we need to ensure that this is even possible, although at least some work in these directions is surfacing for instance in OpenStack (ADD REFERENCES!).
- Keystone support for PKI scheduled for the Folsom release (2012-09-27), more specifically folsom-3 http://bit.ly/LKpeI2 (2012-08-16)
- May be possible with alternative authZ backends to Keystone