Merge lp:~axwalk/juju-core/1225916-httpstroage-authentication into lp:~go-bot/juju-core/trunk
Status: | Merged | ||||
---|---|---|---|---|---|
Approved by: | Andrew Wilkins | ||||
Approved revision: | no longer in the source branch. | ||||
Merged at revision: | 1878 | ||||
Proposed branch: | lp:~axwalk/juju-core/1225916-httpstroage-authentication | ||||
Merge into: | lp:~go-bot/juju-core/trunk | ||||
Diff against target: |
654 lines (+283/-30) 8 files modified
cert/cert.go (+21/-3) cert/cert_test.go (+44/-6) environs/config/config.go (+2/-1) environs/httpstorage/backend.go (+61/-1) environs/httpstorage/backend_test.go (+79/-8) environs/httpstorage/storage.go (+44/-9) environs/httpstorage/storage_test.go (+30/-1) testing/cert.go (+2/-1) |
||||
To merge this branch: | bzr merge lp:~axwalk/juju-core/1225916-httpstroage-authentication | ||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Juju Engineering | Pending | ||
Review via email: mp+187152@code.launchpad.net |
Commit message
environs/
This change to httpstorage enables authentication,
where authentication implies authorisation.
For an authenticating httpstorage, authentication
is required only for Put/Remove* methods; List/Get
will work unauthenticated.
Authentication is implemented by a client providing
a certificate signed by the CA, where the CA is
previously agreed upon.
There will be a followup branch which enables this
for the null provider, via additions to the
worker/
and storage CA certificate generation at bootstrap
time.
NOTE: one caveat is that wget et al. will need to
skip certificate validation.
Fixes #1225916
Description of the change
environs/
This change to httpstorage enables authentication,
where authentication implies authorisation.
For an authenticating httpstorage, authentication
is required only for Put/Remove* methods; List/Get
will work unauthenticated.
Authentication is implemented by a client providing
a certificate signed by the CA, where the CA is
previously agreed upon.
There will be a followup branch which enables this
for the null provider, via additions to the
worker/
and storage CA certificate generation at bootstrap
time.
NOTE: one caveat is that wget et al. will need to
skip certificate validation.
Fixes #1225916
Reviewers: mp+187152_ code.launchpad. net,
Message:
Please take a look.
Description: httpstorage: authentication support
environs/
This change to httpstorage enables authentication,
where authentication implies authorisation.
For an authenticating httpstorage, authentication
is required only for Put/Remove* methods; List/Get
will work unauthenticated.
Authentication is implemented by a client providing
a certificate signed by the CA, where the CA is
previously agreed upon.
There will be a followup branch which enables this localstorage. LocalStorageCon fig interface,
for the null provider, via additions to the
worker/
and storage CA certificate generation at bootstrap
time.
NOTE: one caveat is that wget et al. will need to
skip certificate validation.
Fixes #1225916
https:/ /code.launchpad .net/~axwalk/ juju-core/ 1225916- httpstroage- authentication/ +merge/ 187152
(do not edit description out of merge proposal)
Please review this at https:/ /codereview. appspot. com/13832045/