3

I am trying to use the new authentication system and I cannot find any decent articles/documentation to get what i want. Plenty of stuff out there explaining how the authentication process works out of the box but realistically you will need more.

First of all how do you control which database you store user information? I have read in many place that you can add a connection string. Ok great, but how do you get that connection string to be used by the authentication system?

And how would this work in a web farm, assuming user account information is split across databases with a little piece of logic which decides which database a user should login against?

Shumii
  • 4,529
  • 5
  • 32
  • 41

2 Answers2

0

I have used keystone extensively and it really isnt bad to implement. Its the authentication mechanism of Openstack. Check it out here http://docs.openstack.org/developer/keystone/

To answer your question users would first authenticate with it, receive a token, then they would present their token at any of your servers. If your data is split up, you can configure keystone to only allow access to certain areas of you backend via groups.

SJP
  • 1,330
  • 12
  • 21
0

Changing the underlying database needs to steps. You have to add the connection string for the database you want to use for Identity. After this you have to change the base constructor call in your DB context to pass your new connection string to the base class (this is your missing step). An example for it is shown in this thread.

For your second question I don't have a good answer, because I haven't used Identity in a multiple DB servers scenario yet.

Community
  • 1
  • 1
Horizon_Net
  • 5,959
  • 4
  • 31
  • 34