----- Original Message -----
From: "Doron Fediuck" <dfediuck@redhat.com> To: "Juan Hernandez" <jhernand@redhat.com> Cc: engine-devel@ovirt.org Sent: Sunday, February 10, 2013 5:26:52 PM Subject: Re: [Engine-devel] Local Authentication Feature
----- Original Message -----
From: "Juan Hernandez" <jhernand@redhat.com> To: engine-devel@ovirt.org Sent: Friday, February 8, 2013 7:50:36 PM Subject: [Engine-devel] Local Authentication Feature
Hello,
I would like to propose a new feature that allows authentication using the local user database. The details are here:
http://www.ovirt.org/Features/Local_Authentication
And the proposed change is available for review here:
I appreciate feedback.
Thanks in advance, Juan Hernandez -- Dirección Comercial: C/Jose Bardasano Baos, 9, Edif. Gorbea 3, planta 3ºD, 28016 Madrid, Spain Inscrita en el Reg. Mercantil de Madrid – C.I.F. B82657941 - Red Hat S.L.
Hi Juan, Very happy to see this one which actually closes an annoying gap! One thing which is missing is user management- add/remove/change users and groups. If we do not plan to handle it within ovirt, the design should state it and explain how user management should work.
Shouldn't this be the same as in case of external directory service? i.e - you manage user/group at the directory service, and then you "populate" engine with it (by adding permissions to users/groups or adding explicitly new users/groups to engine?)
Also, what happens when a user is removed from the local DB- will all references to him be removed? Groups?
IMHO the behavior in this case should be as in case of current LdapBroker.
Thanks for a very important contribution! Doron _______________________________________________ Engine-devel mailing list Engine-devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-devel