Well, hopefully with a shared, modular service, we can add a token module that uses cookies instead. :)
-Eric On Tue, Mar 01, 2011 at 09:53:36PM +0100, Soren Hansen wrote: > On a subject of authentication, I've always been puzzled why the token > isn't just set as a standard http cookie? > > If it were, it would be dead simple to render a bit of HTML and > interact with the API directly from a web server. The EC2 API can't do > this because of the rather complex signature mechanism, but we're so > incredibly close, yet so depressingly far away from being able to do > this. > > -- > Soren Hansen > Ubuntu Developer http://www.ubuntu.com/ > OpenStack Developer http://www.openstack.org/ _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
