Extracts common OpenSSL functionality from pki_setup and adds a new cli
command ssl_setup which re-uses this base to generate SSL certificates
for https.
Change-Id: Ia34827583bcdfbd871133250681010e642271f07
Fixes: bug 1155361
Fixes Bug1040115
added several test cases, also provides a full ldap
regression suite. Also added supplemental (simple)
verification for CACERTFILE and CACERTDIR
added a TLS disable option when ldaps URLs are used
and did full regression tests using ldaps URLs
and with TLS
addresses ayoung's comments
addresses dolphm's and Mouad's comments
addresses gyee's doc request and bknudson's comments
Change-Id: I639f2853df0ce5c10ae85b06214b26430d872aca
The example lacked the import of keystone.common.wsgi that could be
misleading for new developers.
Change-Id: I20be59f5792507a775d033867a69d31c5216633c
Also implemented the following:
blueprint pluggable-identity-authentication-handlers
blueprint stop-ids-in-uris
blueprint multi-factor-authn (just the plumbing)
What's missing?
* domain scoping (will be implemented by Henry?)
Change-Id: I191c0b2cb3367b2a5f8a2dc674c284bb13ea97e3
The doc/source/old directory contained several docs
that were marked as 'old' and hadn't been updated for more
than a year.
This patch simply removes them - they aren't referred to in
any way noticable on keystone.openstack.org.
Change-Id: Ida57e0321be09aa8ddcb966f386132946017cdcb
- Added a missing space: mayuse -> may use
- Removed default values from help messages, which were appearing as
None, and should be added by argparse anyway
- Updated man pages
Change-Id: I471a1aaff40398488e19f91a16bd91d2d17db61d
This should stop complaints about Sphinx not correctly identifying
svg content type while still maintaining an svg version for
maintenance purposes.
Change-Id: If7085e4644562232945efc97d420eeecab85623e
This covers given authentication using REMOTE_USER and also the way to
implement custom auth with WSGI middleware.
DocImpact
blueprint: pluggable-identity-authentication-handlers
Change-Id: Idbac8c38d1f0be1febbbc8056c929bada6bbb07e
updated docstrings to remove two errors
reformatted front page header to be consistent
added links to autogenerated python documentation
Change-Id: I59fddc12ff458bbd0102a40d4d85903ab6bd6394
From markmc's proposal:
http://lists.openstack.org/pipermail/openstack-dev/2012-July/000277.html
For backward compatiblity, configuration from paste-deploy INI is used
if it exists. If not, section [keystone_authtoken] in global
configuration is expected, with the same parameter names.
Requires application using global cfg.CONF object (nova and glance since
folsom-2) and before there's openstack.common library, attempts to use
copy/pasted <application>.openstack.common.cfg
DocImpact
Change-Id: If6aa22280f4ce2cc698d99a130b5792dab808363
Includes documentation and sample config file values.
Bug 997700
Patchset adds DocImpact flag for notifying doc team about these new
config file values.
Change-Id: Ibd3fade3f233a3b89a1c2feaa0a6b5a9569ad86c
Fixes bug 996922
This commit adds a user_crud module that can be used in the public wsgi
pipeline, currently the only operation included allows a user to update
their own password.
In order to change their password a user should make a HTTP PATCH to
/v2.0/OS-KSCRUD/users/<userid>
with the json data fomated like this
{"user": {"password": "DCBA", "original_password": "ABCD"}}
in addition to changing the users password, all current tokens
will be cleared (for token backends that support listing) and
a new token id will be returned.
Change-Id: I0cbdafbb29a5b6531ad192f240efb9379f0efd2d