657 Commits

Author SHA1 Message Date
Jenkins
9b8376f129 Merge "Fix some nits in configure_federation.rst" 2015-10-16 22:11:24 +00:00
Jenkins
f0c723e583 Merge "Correct the filename" 2015-10-16 22:11:13 +00:00
Jenkins
437c416461 Merge "keystone-paste.ini docs for deployers are out of date" 2015-10-15 04:17:38 +00:00
Jenkins
3f73891181 Merge "Fix the referred [app:app_v3] into [pipeline:api_v3]" 2015-10-15 03:05:13 +00:00
Ron De Rose
558bbff0cb keystone-paste.ini docs for deployers are out of date
Updated the docs to better reflect v3 deployments. Essentially, matched
the [app:service_v3] entry with the value in the ini file.

Closes-Bug: 1504891
Change-Id: I57f6a2a5287b2f6aa108586c1ad07b9a6235d53d
2015-10-14 18:50:10 +00:00
Dave Chen
df2ef52390 Correct the filename
There is an extra `s` in filename.

Change-Id: Ic5ebc7cc63be7185fc830c1f77fbac447d155399
2015-10-14 11:27:58 +08:00
Dave Chen
ac1d41070a Fix some nits in configure_federation.rst
Change-Id: I6c8215fa82a58480c2d41395ae09070ab1403f9a
2015-10-13 17:51:35 +08:00
Lance Bragstad
ebbffb6298 Additional documentation for services
Change-Id: I285baf3e0fa7115623e31610fd4e9c3ba6aa098b
2015-10-07 15:37:52 +00:00
Brant Knudson
54ce508878 Documentation for other services
We were requested by the nova team to provide an overview of what
they need to know about keystone (and specifically v3).

Change-Id: Ic12343f8cc36d0ede14bb56a5b18406bcca8d28f
2015-10-06 08:31:35 -05:00
Nisha Yadav
65e64a9742 Replace sqlalchemy-migrate occurences from code.google to github
The OpenStack team started to handle the maintenance of
SQLAlchemy-migrate in their infrastructure. Their code repository is at
GitHub.There is some documentation inside the keystone project using
the link http://code.google.com/p/sqlalchemy-migrate/ . Since this is no
longer in use, the idea is to replace all the occurrences of
http://code.google.com/p/sqlalchemy-migrate/ by
https://github.com/stackforge/sqlalchemy-migrate

Change-Id: Ia17773058a7ea47f830f5b0c86b0be7332acece1
2015-10-01 14:56:48 +05:30
Brant Knudson
a0c531031a Move development environment setup instructions to standard location
According to [1], every project should publish instructions for
setting up a development environment to
http://docs.openstack.org/developer/<PROJECT_NAME>/devref/development.environment.html

Keystone's development environment setup instructions are moved
there for consistency.

[1] https://wiki.openstack.org/wiki/Getting_The_Code#Hacking_on_your_laptop_and_running_unit_tests

Change-Id: I084fd0dd9fc4f4ec768649718d86a8ccac990dfd
2015-09-23 15:18:32 -05:00
Jenkins
e38c9d9214 Merge "Add documentation for configuring IdP WebSSO" 2015-09-22 04:15:42 +00:00
Lance Bragstad
609518ff2b Add documentation for configuring IdP WebSSO
We recently added a new federation call to Keystone that will allow federated
authentication flows for a specific Identity Provider. This commit adds
documentation around configuring httpd modules for the newly added call and
horizon configuration.

Co-Authored-By: Lin Hua Cheng <os.lcheng@gmail.com>

Change-Id: Id334e979c951387b1d70da70fc5d4939a6e7d6a6
related: bp federation-idp-websso
Closes-Bug: 1491910
Related-Bug: 1491916
2015-09-18 11:09:54 -07:00
Gerhard Muntingh
4492658510 Fix the referred [app:app_v3] into [pipeline:api_v3]
The pipe is defined in [pipeline] sections, not in [app] sections.

A couple of lines below, the name (app_v3) is used in the composite
application, where it is referred to as api_v3. This patch makes this
consistent.

Change-Id: Iec18b017777bf1e7d182fbbe78f73d5241c81135
Signed-off-by: Gerhard Muntingh <gerhard@qux.nl>
2015-09-18 16:10:09 +02:00
Jenkins
65d88df1b8 Merge "Removed the extra http:// from JSON schema link" 2015-09-16 11:01:34 +00:00
venkatamahesh
340873bd12 Removed the extra http:// from JSON schema link
An extra "http://" in the rst format for the link to
JSON Schema web page has been removed. The link when
documents are rendered should now work as intended.

Change-Id: I4da9c9301db055a62679c4ca1da73ae728220e88
Closes-Bug: #1488903
2015-09-15 23:57:36 +00:00
Eric Brown
53788e4ab6 Update man pages with liberty version and dates
Both keystone-all and keystone-manage listed out-dated versions
and dates.  This patch bumps the version to 8.0.0 and the release
date of 10-15-15 according to:
    https://wiki.openstack.org/wiki/Liberty_Release_Schedule

Change-Id: Ic389d4fded4579c7ebee2645e7150df4d12e48de
Closes-Bug: #1495645
2015-09-14 10:51:01 -07:00
Jenkins
aa8dc5c9c5 Merge "Update apache-httpd.rst" 2015-09-09 08:15:19 +00:00
Dave Chen
c18ad89263 Update apache-httpd.rst
Differentiate the location of Apache server for different distro,
and reword about the symlink.

Change-Id: I90cfbe31e7bd2e810a0499afa6724a2d0102c221
2015-09-09 13:46:53 +08:00
naveenkunareddy
d2be5e4f48 Fixed typos in 'developing_drivers' doc
Addressed the review comments on typos in the developing_drivers doc @
https://review.openstack.org/#/c/218481/7/doc/source/developing_drivers.rst

Change-Id: I9008a913b431c76de91d5d6d3f78f9e1533a88a2
Closes-Bug: #1491854
2015-09-07 15:13:16 +05:30
Jenkins
7f279ad636 Merge "Tokenless authz with X.509 SSL client certificate" 2015-09-03 12:53:33 +00:00
chioleong
efbc57e593 Tokenless authz with X.509 SSL client certificate
Implemented middleware to map an incoming trusted SSL client certificate
into Keystone auth credential so we can perform authorization without
having to issue a token.

TODO: to submit a separate patch to devstack to enable this feature.

Co-authored-by: guang-yee <guang.yee@hp.com>

SecurityImapct
DocImpact
implements bp keystone-tokenless-authz-with-x509-ssl-client-cert

Change-Id: Icc7305ca9d96f8e9cdc95ccde57de650801c6544
2015-09-02 15:10:31 -07:00
Vivek Dhayaal
ba317dedd8 Stable Keystone Driver Interfaces
Extended support for versioned driver classes to the rest of the
backends based on the design of the initial support for catalog backend @
https://review.openstack.org/#/c/218481/

partially Implements bp stable-driver-interfaces

Change-Id: I0078f6dc32932beb6db534ecf22b160097c5a090
2015-09-02 06:10:26 +00:00
David Stanek
c8e2364240 Initial support for versioned driver classes
- Adds a helper to deprecate old driver classes
- Implements the versioned driver for keystone.catalog
- Documents developing drivers

partially implements bp stable-driver-interfaces

Change-Id: I58f6781a4e1256ffeb0cf226140b8be245c32aac
2015-09-02 02:44:01 +00:00
Jenkins
ada0385342 Merge "update links in http-api to point to specs repo" 2015-08-27 10:26:16 +00:00
Jenkins
e68c59a98f Merge "Update docs for stevedore drivers" 2015-08-27 10:25:57 +00:00
Jenkins
bf98cc7c4f Merge "Use wsgi_scripts to create admin and public httpd files" 2015-08-27 00:08:11 +00:00
Jenkins
d63c1c03a1 Merge "Update Httpd configuration docs for sites-available/enabled" 2015-08-25 20:44:55 +00:00
Steve Martinelli
14cc524e8e update links in http-api to point to specs repo
the links in the http-api docs were pointing to openstack-attic,
correct this by pointing to specs.o.org

Change-Id: I807f16b130548e90d975156a8488c66f3e4d59fc
2015-08-18 23:01:01 -05:00
Brant Knudson
3624c2f5ad Use wsgi_scripts to create admin and public httpd files
The httpd/keystone.py file needed to be copied and then
symlinked when used by web servers to "admin" and "main".

pbr 1.4.0 added support for wsgi_scripts that creates scripts
for wsgi servers on install. Keystone will now specify
wsgi_scripts so that the admin (keystone-wsgi-admin) and
main (keystone-wsgi-public) scripts will be created on install.

See http://httpd.apache.org/docs/2.4/upgrading.html#access for
the apache docs with examples for the Allow/Deny/Require
directives.

DocImpact

Related-Bug: #1441733
Change-Id: Ic9c03e6c00408f3698c10012ca98cfc6ea9b6ace
2015-08-18 09:33:23 -05:00
Brant Knudson
3bac87ef2c Update Httpd configuration docs for sites-available/enabled
Newer releases of Apache Httpd server prefer to use sites-available /
sites-enabled configuration directories, but the Apache setup
documentation was still using conf.d. This change updates the Apache
setup documentation to use the preferred method.

Change-Id: I00a4cef2e4194b07f12ed0c0f6c584f236771a00
2015-08-18 09:33:23 -05:00
algerwang
48560e4de5 Update 'doc/source/setup.rst'.
Change Fedora's dependencies, Because it's error:
missing libffi-devel, python-sqlite2 not required

Change-Id: Iba9bc84e785f6508d86e7c7914abe2be041b6620
Closes-Bug: #1485687
2015-08-18 10:55:02 +08:00
Eric Brown
f6235ace61 Minor grammar fixes to connection pooling section
This patch resolves some of the grammatical errors and punctuation
issues in the connection pooling section of the configuration
docs.

Change-Id: Iff4ebee42b4ad444477924b0cbb5fa9e906be8e0
2015-08-09 10:08:06 -07:00
Brant Knudson
a1d5453fcf Update docs for stevedore drivers
some docs were using the old fully-qualified class path for
the drivers. With stevedore support these can be changed to use
the short names of the entrypoints.

Change-Id: I7ec20ffe2237ddc94319d5fb5c7bd60a0a2f7c4d
2015-08-08 09:21:41 -05:00
Jenkins
74575a66f1 Merge "Document policy target for operation" 2015-08-06 16:11:07 +00:00
Ghe Rivero
e614b29940 Update exported variables for openstack client
When using openstack client to populate an initial keystone
deployment, instead of the former keystone client, the env.
variables needed are OS_TOKEN and OS_URL instead of the
previous OS_SERVICE_TOKEN and OS_SERVICE_ENDPOINT

Change-Id: I79dcd56896945267cf1c8ff4378ffff63048e155
2015-08-01 05:11:07 +02:00
Brant Knudson
d1873fc4ab Document sample config updated automatically
There's an infra job now to keep the sample config file
up to date so developers shouldn't propose config file updates
with their commits.

Change-Id: I154ccbf8c289a373c8cc02004244e1edfcc9f4af
2015-07-28 20:33:58 -05:00
Jenkins
6a6fcc22be Merge "add federation docs for mod_auth_mellon" 2015-07-24 14:27:17 +00:00
Atsushi SAKAI
f188815b54 Fix four typos and Add one space on keystone document
encryted => encrypted
counterintuitive => counter intuitive (space added)
infomration =>information
configuraton => configuration

Organizaion => Organization


Change-Id: I349778565a1381feb8b626f9f633322815a272f7
Closes-Bug: #1477898
2015-07-24 10:17:48 +00:00
Jenkins
dd18c8e260 Merge "Minor fix in the configuration.rst" 2015-07-23 11:57:41 +00:00
Jenkins
29bd0b907c Merge "Correct spacing in `mapping_combinations.rst`" 2015-07-22 19:23:34 +00:00
Jenkins
264ef12216 Merge "Adding Documentation for Mapping Combinations" 2015-07-22 19:19:55 +00:00
Dave Chen
800c7f131c Minor fix in the configuration.rst
The correct group name is `domain_config`, this will help to search the
right group in the main configuration file.

Change-Id: I15997bbedf5e3544cef17bcfc0345c0aa8bee401
2015-07-22 17:48:19 +08:00
Marek Denis
8f25bfb7c5 Correct spacing in `mapping_combinations.rst`
Change-Id: I9960804a9395a7414000862c835c7698a6cff913
2015-07-22 09:06:05 +02:00
Rich Megginson
4f36d900e6 add federation docs for mod_auth_mellon
mod_auth_mellon is an authentication module for Apache.
It authenticates the user against a SAML 2.0 IdP, and
grants access to directories depending on attributes
received from the IdP.  It can be used by Keystone to provide
authentication via the
keystone.contrib.federation.backends.sql.Federation federation
authentication driver for the saml2 auth method.

closes-bug: #1470952

Change-Id: Id0467abe37ac4c4c74832ca5bb98f98c63afded1
2015-07-21 12:10:30 -06:00
Fernando Diaz
0a7a038368 Adding Documentation for Mapping Combinations
Documentation showing what mappings are allowed
in keystone federation. keystone-manage mapping_engine
is being utilized.

Change-Id: Ie49f1db212964c1d48402b9de66f04a9444cfeae
2015-07-21 10:12:48 +02:00
Brant Knudson
3a25da6faf Document policy target for operation
Adds documentation that shows the policy target for each
operation.

Closes-Bug: 1424496
Change-Id: I3e526d6a3268b949c0b9876b9a7748129981d6e5
2015-07-20 16:44:26 -05:00
Jenkins
f303c3ef5b Merge "Document use of wip up to developer" 2015-07-20 09:20:19 +00:00
Ning Sun
d49dbfd117 Fixes grammar in setup.rst in doc source
Change-Id: I42b6a3a18c40c1889f1bfaf6c526b5a959ca591c
2015-07-14 19:27:18 -07:00
Jenkins
e7e006c449 Merge "Modified command used to run keystone-all." 2015-07-08 02:41:55 +00:00