I think showing this only upon failure is good if the user is also given the option to sore the credentials in the browser. That way, you only have to re-enter the credentials once if you want convenience, or do it every time if you want improved security.
One downside would be that if you don¹t cache the credentials, you¹ll have to ³fail² the auth every time to be given the chance to re-enter the credentials. It may not be obvious that clicking ³run tests² will then let you enter new credentials. I was thinking that having a button you can press to enter the credentials would make it more obvious, but wouldn¹t reduce the number of clicks I.e. either run tests and fail or click ³Enter credentials² and enter new ones. The ³Enter credential² option would obviously be a little faster - David J. Easter Director of Product Management, Mirantis, Inc. From: Mike Scherbakov <mscherba...@mirantis.com> Reply-To: "OpenStack Development Mailing List (not for usage questions)" <openstack-dev@lists.openstack.org> Date: Friday, July 11, 2014 at 2:36 PM To: "OpenStack Development Mailing List (not for usage questions)" <openstack-dev@lists.openstack.org> Subject: Re: [openstack-dev] [Fuel] [OSTF] OSTF stops working after password is changed I'm wondering if we can show all these windows ONLY if there is authz failure with existing credentials from Nailgun. So the flow would be: user clicks on "Run tests" button, healthcheck tries to access OpenStack and fails. It shows up text fields to enter tenant/user/pass with the message similar to "Default administrative credentials to OpenStack were changed since the deployment time. Please provide current credentials so HealthCheck can access OpenStack and run verification tests." I think it should be more obvious this way... Anyone, it must be a choice for a user, if he wants to store creds in a browser. On Fri, Jul 11, 2014 at 8:50 PM, Vitaly Kramskikh <vkramsk...@mirantis.com> wrote: > Hi, > > In the current implementation we store provided credentials in browser local > storage. What's your opinion on that? Maybe we shouldn't store new credentials > at all even in browser? So users have to enter them manually every time they > want to run OSTF. > > > 2014-06-25 13:47 GMT+04:00 Dmitriy Shulyak <dshul...@mirantis.com>: > >> It is possible to change everything so username, password and tenant fields >> >> Also this way we will be able to run tests not only as admin user >> >> >> On Wed, Jun 25, 2014 at 12:29 PM, Vitaly Kramskikh <vkramsk...@mirantis.com> >> wrote: >>> Dmitry, >>> >>> Fields or field? Do we need to provide password only or other credentials >>> are needed? >>> >>> >>> 2014-06-25 13:02 GMT+04:00 Dmitriy Shulyak <dshul...@mirantis.com>: >>> >>>> Looks like we will stick to #2 option, as most reliable one. >>>> >>>> - we have no way to know that openrc is changed, even if some scripts >>>> relies on it - ostf should not fail with auth error >>>> - we can create ostf user in post-deployment stage, but i heard that some >>>> ceilometer tests relied on admin user, also >>>> operator may not want to create additional user, for some reasons >>>> >>>> So, everybody is ok with additional fields on HealthCheck tab? >>>> >>>> >>>> >>>> >>>> On Fri, Jun 20, 2014 at 8:17 PM, Andrew Woodward <xar...@gmail.com> wrote: >>>>> The openrc file has to be up to date for some of the HA scripts to >>>>> work, we could just source that. >>>>> >>>>> On Fri, Jun 20, 2014 at 12:12 AM, Sergii Golovatiuk >>>>> <sgolovat...@mirantis.com> wrote: >>>>>> > +1 for #2. >>>>>> > >>>>>> > ~Sergii >>>>>> > >>>>>> > >>>>>> > On Fri, Jun 20, 2014 at 1:21 AM, Andrey Danin <ada...@mirantis.com> >>>>>> wrote: >>>>>>> >> >>>>>>> >> +1 to Mike. Let the user provide actual credentials and use them in >>>>>>> place. >>>>>>> >> >>>>>>> >> >>>>>>> >> On Fri, Jun 20, 2014 at 2:01 AM, Mike Scherbakov >>>>>>> >> <mscherba...@mirantis.com> wrote: >>>>>>>> >>> >>>>>>>> >>> I'm in favor of #2. I think users might not want to have their >>>>>>>> password >>>>>>>> >>> stored in Fuel Master node. >>>>>>>> >>> And if so, then it actually means we should not save it when user >>>>>>>> >>> provides it on HealthCheck tab. >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> >>> On Thu, Jun 19, 2014 at 8:05 PM, Vitaly Kramskikh >>>>>>>> >>> <vkramsk...@mirantis.com> wrote: >>>>>>>>> >>>> >>>>>>>>> >>>> Hi folks, >>>>>>>>> >>>> >>>>>>>>> >>>> We have a bug which prevents OSTF from working if user changes a >>>>>>>>> >>>> password which was using for the initial installation. I skimmed >>>>>>>>> through the >>>>>>>>> >>>> comments and it seems there are 2 viable options: >>>>>>>>> >>>> >>>>>>>>> >>>> Create a separate user just for OSTF during OpenStack >>>>>>>>> installation >>>>>>>>> >>>> Provide a field for a password in UI so user could provide actual >>>>>>>>> >>>> password in case it was changed >>>>>>>>> >>>> >>>>>>>>> >>>> What do you guys think? Which options is better? >>>>>>>>> >>>> >>>>>>>>> >>>> -- >>>>>>>>> >>>> Vitaly Kramskikh, >>>>>>>>> >>>> Software Engineer, >>>>>>>>> >>>> Mirantis, Inc. >>>>>>>>> >>>> >>>>>>>>> >>>> _______________________________________________ >>>>>>>>> >>>> OpenStack-dev mailing list >>>>>>>>> >>>> OpenStack-dev@lists.openstack.org >>>>>>>>> >>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >>>>>>>>> >>>> >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> >>> -- >>>>>>>> >>> Mike Scherbakov >>>>>>>> >>> #mihgen >>>>>>>> >>> >>>>>>>> >>> >>>>>>>> >>> _______________________________________________ >>>>>>>> >>> OpenStack-dev mailing list >>>>>>>> >>> OpenStack-dev@lists.openstack.org >>>>>>>> >>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >>>>>>>> >>> >>>>>>> >> >>>>>>> >> >>>>>>> >> >>>>>>> >> -- >>>>>>> >> Andrey Danin >>>>>>> >> ada...@mirantis.com >>>>>>> >> skype: gcon.monolake >>>>>>> >> >>>>>>> >> _______________________________________________ >>>>>>> >> OpenStack-dev mailing list >>>>>>> >> OpenStack-dev@lists.openstack.org >>>>>>> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >>>>>>> >> >>>>>> > >>>>>> > >>>>>> > _______________________________________________ >>>>>> > OpenStack-dev mailing list >>>>>> > OpenStack-dev@lists.openstack.org >>>>>> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >>>>>> > >>>>> >>>>> >>>>> >>>>> -- >>>>> Andrew >>>>> Mirantis >>>>> Ceph community >>>>> >>>>> _______________________________________________ >>>>> OpenStack-dev mailing list >>>>> OpenStack-dev@lists.openstack.org >>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >>>> >>>> >>>> _______________________________________________ >>>> OpenStack-dev mailing list >>>> OpenStack-dev@lists.openstack.org >>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >>>> >>> >>> >>> >>> -- >>> Vitaly Kramskikh, >>> Software Engineer, >>> Mirantis, Inc. >>> >>> _______________________________________________ >>> OpenStack-dev mailing list >>> OpenStack-dev@lists.openstack.org >>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >>> >> >> >> _______________________________________________ >> OpenStack-dev mailing list >> OpenStack-dev@lists.openstack.org >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> > > > > -- > Vitaly Kramskikh, > Software Engineer, > Mirantis, Inc. > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > -- Mike Scherbakov #mihgen _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
