OpenStack Identity (Keystone)
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Go to file
Jamie Lennox 1d7c96d6a3 Require auth_context middleware in the pipeline
Keystone has shipped with the auth_context middleware in the pipeline
now for a number of releases. In newer parts of the code we rely on it
for auth information and in others we don't.

A prime example of this is the @protected handlers, if the auth_context
middleware isn't present it rebuilds this information. This is yet
another place where keystone validates a token.

Set a flag on the context to indicate that the request was validated by
auth_context middleware and raise Unauthenticated if not. This
essentially requires deployments to have the middleware enabled and
reduces validation to that point. This will help unify the code that is
behind a protected endpoint as we can rely on the context.

Change-Id: Iceca967e5bf698df13da28d0875c441f2a980e90
7 years ago
api-ref/source Merge "Docs: Fix the query params in role_assignments example" 7 years ago
config-generator Remove eventlet support 7 years ago
doc Merge "Mark the domain config via API as stable" 7 years ago
etc Merge "Concrete role assignments for federated users" 7 years ago
examples/pki Correct bashate issues in 8 years ago
httpd Keystone uwsgi performance tuning 7 years ago
keystone Require auth_context middleware in the pipeline 7 years ago
keystone_tempest_plugin Replace keystone.common.config with keystone.conf package 7 years ago
rally-jobs [rally] remove deprecated arg 8 years ago
releasenotes Mark the domain config via API as stable 7 years ago
tools Remove helper script for py34 7 years ago
.coveragerc Change ignore-errors to ignore_errors 8 years ago
.gitignore Migrate identity /v3 docs from api-ref repo 7 years ago
.gitreview Add .gitreview config file for gerrit. 12 years ago
.mailmap update mailmap with gyee's new email 8 years ago
.testr.conf Stop using oslotest.BaseTestCase 7 years ago
CONTRIBUTING.rst Workflow documentation is now in infra-manual 8 years ago
HACKING.rst Use oslo.log instead of incubator 8 years ago
LICENSE Added Apache 2.0 License information. 11 years ago Add .mo files to 7 years ago
README.rst Replace github reference by and change a doc link 8 years ago
babel.cfg setting up babel for i18n work 11 years ago
other-requirements.txt Update other-requirements for Xenial 7 years ago
requirements.txt Updated from global requirements 7 years ago
setup.cfg Merge "Revert "Install necessary files in etc/"" 7 years ago Updated from global requirements 8 years ago
test-requirements.txt Updated from global requirements 7 years ago
tox.ini Merge "Include doc directory in pep8 checks" 7 years ago


OpenStack Keystone

Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP.

Developer documentation, the source of which is in doc/source/, is published at:

The API specification and documentation are available at:

The canonical client library is available at:

Documentation for cloud administrators is available at:

The source of documentation for cloud administrators is available at:

Information about our team meeting is available at:

Bugs and feature requests are tracked on Launchpad at:

Future design work is tracked at:

Contributors are encouraged to join IRC (#openstack-keystone on freenode):

For information on contributing to Keystone, see CONTRIBUTING.rst.