Comment 24 for bug 1311223

Dmitry Janushkevich (dev-zzo) wrote:

Thierry, Zane,

Thank you for the clarification. Your responses are highly appreciated.

> in fact nobody should be publicly exposing their templates just so Heat can get at them.

Apparently, some people do. In your opinion, what could be the cause of this? Is there something that can be done to improve the situation before the advent of the next Heat API version?

> HTTP Basic Auth is *not* a solution, because the username and password appear in the URL.

Hmm, I fail to see how this is a requirement. RFC2617 [1] requires authentication credentials to be passed via a specific header. How it gets there is an implementation detail. Surely, one can pass credentials via the URL (if one's HTTP library supports this), but this is not the only way of doing things.

Thank you again,
D.

[1] http://tools.ietf.org/html/rfc2617
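
The distinction drawn in the comment above, as an added example that is not part of the original comment or of Heat's code: RFC 2617 Basic credentials travel in the `Authorization` header, so a client handed a URL with embedded userinfo can move the credentials into that header and keep them out of anything that records the URL. The function names and the sample URL are hypothetical, constructed for illustration.

```python
import base64
from urllib.parse import urlsplit, urlunsplit, unquote


def basic_auth_header(username, password):
    """Build the RFC 2617 'Basic' credentials value for the Authorization header."""
    if ":" in username:
        # RFC 2617: the user-id must not contain a colon, it is the separator.
        raise ValueError("username must not contain ':'")
    raw = f"{username}:{password}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


def split_credentials(url):
    """Return (clean_url, headers) with any userinfo moved out of the URL."""
    parts = urlsplit(url)
    headers = {}
    if parts.username is not None:
        # Userinfo is percent-encoded inside a URL; decode before base64-encoding.
        user = unquote(parts.username)
        password = unquote(parts.password or "")
        headers["Authorization"] = basic_auth_header(user, password)
    # Rebuild the authority from host and port only, dropping userinfo.
    host = parts.hostname or ""
    if ":" in host:
        host = f"[{host}]"  # IPv6 literals need their brackets restored
    netloc = host if parts.port is None else f"{host}:{parts.port}"
    clean = urlunsplit((parts.scheme, netloc, parts.path, parts.query, parts.fragment))
    return clean, headers


if __name__ == "__main__":
    # Constructed sample URL; not taken from the bug report.
    sample = "https://heat-user:s3cret@templates.example.org:8443/stacks/web.yaml?rev=2"
    clean_url, hdrs = split_credentials(sample)
    print("URL to request and log:", clean_url)
    print("Headers to send:", hdrs)
```

Basic credentials are only base64-encoded, not encrypted, so the header still needs TLS to stay confidential in transit.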