官术网_书友最值得收藏!

Keystone - identity management

From an architectural perspective, Keystone presents the simplest service in the OpenStack composition. It is the core component and provides an identity service comprising authentication and authorization of tenants in OpenStack. Communications between different OpenStack services are authorized by Keystone to ensure that the right user or service is able to utilize the requested OpenStack service. Keystone integrates with numerous authentication mechanisms such as username/password and token/authentication-based systems. Additionally, it is possible to integrate it with an existing backend such as the Lightweight Directory Access Protocol (LDAP) and the Pluggable Authentication Module (PAM).

Keystone also provides a service catalog as a registry of all the OpenStack services.

With the evolution of Keystone, many features have been implemented within recent OpenStack releases leveraging a centralized and federated identity solution. This will allow users to use their credentials in an existing, centralized, sign-on backend and decouples the authentication mechanism from Keystone.

The federation identity solution becomes more stable within the OpenStack Juno release, which engages Keystone as a Service Provider (SP), and uses and consumes from a trusted Provider of Identity (IdP), user identity information in SAML assertions, or OpenID Connect claims. An IdP can be backed by LDAP, Active Directory, or SQL.

主站蜘蛛池模板: 固阳县| 汽车| 南木林县| 宁国市| 青龙| 苗栗市| 汉中市| 瓦房店市| 台北市| 岱山县| 峨山| 福泉市| 故城县| 南昌县| 城固县| 民县| 利川市| 资源县| 新兴县| 华容县| 会理县| 义马市| 德阳市| 威信县| 龙海市| 浪卡子县| 安阳市| 罗城| 凤翔县| 徐汇区| 巨野县| 湘阴县| 金沙县| 香港| 青铜峡市| 浙江省| 什邡市| 宣威市| 三门县| 繁峙县| 浦城县|