657 Commits

Author SHA1 Message Date
Jenkins
6324ce1eba Merge "Remove additional references to ldap role attribs" 2016-01-22 19:03:22 +00:00
Jenkins
ea4abae947 Merge "Remove more ldap project references" 2016-01-22 18:56:18 +00:00
Jenkins
67e6c3e84e Merge "Doc FIX" 2016-01-22 03:58:52 +00:00
Eric Brown
0727114808 Remove additional references to ldap role attribs
This removes additional references to ldap role attributes found
in the documentation and tests.

Commit I1bd02d5834814959a93601fe53f115d0f9cc08a8 removed the ldap
role backend.

Change-Id: If8e74aca9b983c0f0e9779ea6e5e1260c1eb6dd7
2016-01-22 01:41:42 +00:00
Eric Brown
73a39e1b9e Remove more ldap project references
Commit I848bf41022224fec65cd9555a6e82790b296dcbe removed the
LDAP resource and assignment backends. As a result, some more
items can be removed, namely:

* ProjectLdapStructureMixin class is no longer used anywhere.
* references to project related ldap attributes in test conf files
* removal of references to ldap project attributes in configuration
  doc

Change-Id: I3efb32c39d3077f787e31533ef5407948a5d8cfd
2016-01-21 22:20:16 +00:00
Jenkins
fbf4eccb29 Merge "Add support for strict url safe option on new projects and domains" 2016-01-19 22:58:55 +00:00
Jenkins
d2070cdd18 Merge "document the bootstrapping process" 2016-01-19 07:05:55 +00:00
Henry Nash
60b52c1248 Add support for strict url safe option on new projects and domains
Building on the earlier patch that provdided the 'new' url name
restriction, this patch adds the 'strict' open that prevents
authenticating to projects and domains with unsafe names.

A release note and config documentation is also added that covers
both this and the earlier patch.

Partially Implements: blueprint url-safe-naming

Change-Id: Ie69025e7759bae1067e05d9190bede192a5e6830
2016-01-19 03:47:31 +00:00
Steve Martinelli
ec62601339 document the bootstrapping process
create docs on how to configure keystone with the new
keystone-manage bootstrap option.

implements bp: bootstrap

Change-Id: I4c7520cc68aadd49179e40e77b2d5058125edf00
2016-01-18 05:59:24 +00:00
Jenkins
a55128044f Merge "Fedora link is too old and so updated with newer version" 2016-01-17 10:09:44 +00:00
venkatamahesh
d2bbffeea8 Fedora link is too old and so updated with newer version
Link for fedora install guide is too old (juno). So it is
updated with liberty version

Change-Id: Id2bf138eae832175fa563de939de858e0a3a070f
Closes-Bug: #1499841
2016-01-15 16:26:11 +00:00
Henry Nash
a06bfe8be3 Support the reading of default values of domain configuration options
The whitelisted configuration options, that are supported as part
of the domain specific configuration functionality, can now have
their defualt values read via the Identity API.

DocImpact
Change-Id: I9b1073f4d43c69f03fc920eee2712305524c1300
Implements: blueprint domain-config-default
2016-01-15 06:20:38 +00:00
Saulo Aislan
8221aba8e1 Doc FIX
Add a line at the command

Change-Id: Id1197669da443e604abbc773f658cfaa8b25e778
2016-01-13 21:30:20 -03:00
Jenkins
d446a4e297 Merge "Replace deprecated library function os.popen() with subprocess" 2016-01-11 11:02:28 +00:00
Harshada Mangesh Kakad
114f72f286 Replace deprecated library function os.popen() with subprocess
os.popen() is deprecated since version 2.6. Resolved with use of
subprocess module.

Change-Id: Id8edeb60aa32f556b58ed0397d27598c39945241
Closes-Bug: #1529836
2016-01-07 09:06:27 -08:00
Jenkins
edcf5a2084 Merge "Update man pages with Mitaka version and dates" 2016-01-09 00:11:05 +00:00
Eric Brown
945e760964 Update man pages with Mitaka version and dates
The keystone-manage listed out-dated version and date. This patch
bumps the version to 9.0.0 and the release date of 4-7-16 according
to: http://docs.openstack.org/releases/schedules/mitaka.html

Note: keystone-all was untouched since it's being removed under the
      eventlet deprecation.

Change-Id: I2e9de4ca1d19d5ee62b3c761bea46d6d61445fd6
2016-01-07 00:14:30 -08:00
Brant Knudson
9040dcf21f Correct fernet provider reference
The docs weren't rendering the fernet provider as a link because the
reference was incorrect.

Change-Id: Id8205f1368a841bd201ef77ddd34ab7d3a170976
2015-12-29 18:19:01 -06:00
Jenkins
599dbea395 Merge "Update developing.rst to remove extensions stuff" 2015-12-22 04:44:56 +00:00
Jenkins
4c3071d5f6 Merge "Use pip (and DevStack) instead of setuptools in docs" 2015-12-17 01:11:46 +00:00
Dolph Mathews
e536522356 Use pip (and DevStack) instead of setuptools in docs
The docs instruct you to install pip, and then document the use of
setuptools, which pbr doesn't particularly support. But pip alone will
fail, so I added a note referencing devstack if you need help on that
step.

Change-Id: Iea07b5ffd9d5c6c8509a698db2728e0fde21d4d8
2015-12-16 16:52:53 +00:00
John Dewey
0ad1a00ad8 Correct developer documentation on venv creation
The developer documentation references a script `tools/install_venv.py`,
which no longer exists in the repo.  Cleaned up the documentation to reference
venv usage with tox.

Change-Id: Ida1e2b300411541e8c5f0a7463a2ca5f910ba03b
Closes-Bug: 1175686
2015-12-15 15:21:18 -08:00
Dave Chen
87a9a6b563 Update developing.rst to remove extensions stuff
All keystone extensions have been moved into cores and are
enabled by default, the configuration about the extension in
this doc is not valid any more.

Change-Id: I0d1b7348d581b17d718c356fadad8f071ddbe09e
2015-12-15 05:38:31 +08:00
Henry Nash
a9a47b62c8 Add API route for list role assignments for tree
This patch adds the API routing (and appropriate REST API
tests) to call the manager support for listing role
assignments for a tree of projects that was implemented in
the earlier patch.

In order to support the required policy rule, the protection
wrapper for filter list calls was extended to support a callback
(in the same way that the regular protection wrapper already did).

Implements: bp list-assignment-subtree
Change-Id: I3495c7cab3b40811b2722ac7d70ddda30410b62b
2015-12-11 14:13:51 +00:00
Jenkins
239aa0ab75 Merge "Update docs for legacy keystone extensions" 2015-12-09 21:37:50 +00:00
Jenkins
155abfcacb Merge "Remove deprecated notification event_type" 2015-12-01 21:18:19 +00:00
Steve Martinelli
c92e1b8726 Remove deprecated notification event_type
For role assignment notifications there were two notifications
being emitted. We deprecated the original notification event_type
in Kilo and can now remove it in Mitaka. Also update a reference
of the old event_type in the notification docs.

implements bp removed-as-of-mitaka

Change-Id: I42e68d2b95014fb7500a709de6ecbd8e5f93bac4
2015-11-24 18:21:44 -05:00
Steve Martinelli
6f012b2eb8 Remove example extension
we will no longer be supporting extensions, everything is in keystone
proper, with varying degrees of stability.

Change-Id: I419df55ebe760cbd36a1c93ff7e712cfd3e8405f
Implements: bp move-extensions
Closes-Bug: #1519244
2015-11-24 15:07:00 +00:00
Dave Chen
4f6069aa3d Update docs for legacy keystone extensions
With most of the legacy extensions were moved to core and
enabled by default, The docs for keystone extension should
be updated accordingly.

Partially implements: bp move-extensions

Change-Id: Iae7eba719992ea941b1267998ee77184eeea7b0f
2015-11-24 00:41:39 +08:00
Jamie Lennox
4f6cc67941 Use idp_id and protocol_id in jsonhome
These are inconsistent with the rest of the federation routes. Note that
this doesn't change a public interface, it changes the path variables
names that exist within a jsonhome document which should only be
referenced within the same href_vars element and some internal variable
names.

Change-Id: I36d41e95d745bd98d36c3442bd4aa4faa91cab72
Closes-Bug: #1420125
2015-11-21 15:34:59 +11:00
Jenkins
7b6a5a7515 Merge "Exclude old Shibboleth options from docs" 2015-11-17 15:07:38 +00:00
Jenkins
f7d4802b27 Merge "Document release notes process" 2015-11-17 08:20:50 +00:00
Jenkins
c157e6acfb Merge "Make K2K Mapping Attribute Examples more visible" 2015-11-17 06:11:35 +00:00
Nathan Kinder
e465de5b44 Remove hardcoded LDAP group schema from emulated enabled mix-in
The emulated enabled mix-in uses hard-coded LDAP schema for the
group objectclass and membership attributes.  This patch makes the
mix-in optionally use the LDAP group configuration settings.

Change-Id: I5ed9d552ec140f83578398fd29e2130ebf827662
Closes-Bug: #1515302
2015-11-13 00:02:31 -05:00
Jamie Lennox
c7047d8321 Exclude old Shibboleth options from docs
The documentation for setting up Shibboleth gives you a snippet of code
that you can copy and paste and then later in notes tells you to remove
options for apache 2.4.

At this point apache 2.4 should be considered the default and not the
exception and we can easily convey this information in the config
snippet and make copying it easier than having to re-read documentation
to figure out why options are unknown.

Change-Id: I9546b6b9cabdaffdb0473711dc07fc234f00d297
2015-11-13 12:15:49 +11:00
Brant Knudson
ec82f7b792 Document release notes process
Since we added support for reno, document that submitters should
provide release notes with their changes. Rather then expecting
others to provide them at the end.

Change-Id: I021dab1a6e34eb0b46c0676b26c669013118c118
2015-11-12 08:55:19 -06:00
“Fernando
db18e72e52 Make K2K Mapping Attribute Examples more visible
Changes Attribute Examples to code-block in
the documentation to make easily readable.

Change-Id: Id528f4c195a265f892e731b6dcd78b8c63754db9
2015-11-09 10:25:15 -06:00
Jenkins
6f4c64a128 Merge "Add Mapping Combinations for Keystone to Keystone Federation" 2015-11-06 19:50:19 +00:00
“Fernando
ab781d8164 Add Mapping Combinations for Keystone to Keystone Federation
Adds Mapping Rules for Keystone to Keystone Federation to the
Keystone Documentation.

Change-Id: If7c00ce4d8693b5d8ef008e272606ce497161946
2015-11-06 09:19:58 -06:00
Darren Shaw
bdbc0d9b75 Correct description in Keystone key_terms
Currently, key_terms.rst incorrectly states "The Identity..."
under the section dealing with Resources. This corrects
this issue.

Change-Id: I9db75c408cf9a7ab6979d44ecc39aa9821044b28
Closes-Bug: #1513464
2015-11-05 10:45:31 -06:00
Jenkins
93239e455c Merge "Capitalize a Few Words" 2015-11-04 04:38:36 +00:00
Jenkins
42bd9649ad Merge "Update Configuring Keystone doc for consistency" 2015-10-30 04:07:33 +00:00
Tom Cocozzello
5daaf840e7 Capitalize a Few Words
There are a few words that I have noticed throughout Keystone
that should be capitalized when they were not.  The few words
I fix are: Fernet, SQLite and MySQL.

Change-Id: Iba3ef08e35829ffb65f4c3e920066783a73e9d0b
2015-10-29 11:20:46 -05:00
Hidekazu Nakamura
8105f60920 Update Configuring Keystone doc for consistency
Character between section name and parameter name is
backslash or white space in Configuring Keystone doc.
This patch change backslash to white space for consistency.

Change-Id: I730a9769dad117ab2f94619bd02ae2a00c30bc38
2015-10-28 05:49:56 +09:00
Jenkins
739b93269c Merge "Explain default domain in docs for other services" 2015-10-21 00:58:24 +00:00
Jenkins
247aad45b0 Merge "change stackforge url to openstack url" 2015-10-20 21:58:32 +00:00
Dolph Mathews
6594b8e1a8 Explain default domain in docs for other services
The documentation for other services previously made an assertion that
(paraphrasing) "using v3 tokens on v2 works fine." That statement comes
with a laundry list of caveats, starting with the "default" domain.

This patch revises the documentation to introduce the default domain
first, and then enumerates the caveats that come as a result of mixing
and matching v2 and v3.

There's also some general RST syntax improvements, grammar improvements,
and line wrapping politely at 79 characters like your mother taught you
to do.

Change-Id: I342092b9c9971d44438fa83f547d1f5ddd204ced
2015-10-20 15:06:54 -05:00
Marek Denis
dd3ef9ddd2 Fix incorrect federated mapping example
The documentation didn't provide correct example of a mapping rules with
direct group mapping (with blacklist/whitelist keyword).
This could led users to a major confusion.

The example is now fixed. Additionaly, for clarity and increased
readibility the ``user`` and ``groups``
objects were split into separate ``local`` rules.

Change-Id: Iff343f1ff2829ef282a1314fd07203a435611e70
Closes-Bug: #1507944
2015-10-20 11:16:04 +02:00
Jin Nan Zhang
b6598abad8 change stackforge url to openstack url
because of the stackforge project move to openstack project,
so change the url to https://git.openstack.org/cgit/openstack/

Change-Id: I10070df0cf7222568e0e306e3b19612378baf30c
2015-10-20 16:31:23 +08:00
malei
1bb8f18680 Wrong usage of "an"
an historical anomaly -> a historical anomaly
an token -> a token

Change-Id: Id4b50e2e3e6f5a0c65107ddf6faeb7d6c45ca9ef
2015-10-17 12:14:48 +08:00