OpenStack Identity (Keystone)

Go to file

Henry Nash aa3dbce6f4 Add tests for role management with v3policy file In the upcoming patches for domain specific roles, we will modify the policy rules for role manipulation (e.g. a domain admin in domainA should not be able to manipulate domain specific roles in domain B). However, it turns out we don't test the currect role protection with the v3policy sample at all! This patch therefore adds this testing, so that in the follow-on patches for domain specific roles we can show that we have not affected the rights to manipulate global roles. Partially Implements: blueprint domain-specific-roles Change-Id: Ifdce381857fd7ad4cc2e5183d136907f8f3bf561		2016-02-03 21:29:28 +00:00
config-generator	switch to oslo.cache	2015-10-15 11:10:34 -04:00
doc	Merge "Implied Roles API"	2016-02-03 19:22:36 +00:00
etc	Implied Roles API	2016-01-29 16:47:21 +00:00
examples/pki	Correct bashate issues in gen_pki.sh	2015-10-20 10:40:10 -05:00
httpd	Merge "Document httpd for accept on /identity, /identity_admin"	2015-10-08 05:09:18 +00:00
keystone	Add tests for role management with v3policy file	2016-02-03 21:29:28 +00:00
rally-jobs	[rally] remove deprecated arg	2015-10-29 16:34:58 +02:00
releasenotes	Merge "Enhance manager list_role_assignments to support group listing"	2016-02-02 09:16:11 +00:00
tools	Merge "Remove all traces of oslo incubator"	2015-08-25 07:32:45 +00:00
.coveragerc	Change ignore-errors to ignore_errors	2015-09-21 14:27:58 +00:00
.gitignore	Add reno for release notes management	2015-11-10 16:10:00 -05:00
.gitreview	Add .gitreview config file for gerrit.	2011-10-24 14:48:03 -04:00
.mailmap	update mailmap with gyee's new email	2015-11-03 16:12:01 -08:00
.testr.conf	Move existing tests to unit	2015-02-13 15:54:29 -06:00
CONTRIBUTING.rst	Workflow documentation is now in infra-manual	2015-05-16 14:55:07 +00:00
HACKING.rst	Use oslo.log instead of incubator	2015-02-14 05:34:52 +00:00
LICENSE	Added Apache 2.0 License information.	2012-02-15 17:48:33 -08:00
MANIFEST.in	Update MANIFEST.in	2015-06-28 11:01:35 -05:00
README.rst	Replace github reference by git.openstack.org and change a doc link	2015-05-07 10:08:10 +08:00
babel.cfg	setting up babel for i18n work	2012-06-21 18:03:09 -07:00
bandit.yaml	Enable bandit tests	2016-01-26 16:32:27 -06:00
requirements.txt	Updated from global requirements	2016-01-24 20:49:29 +00:00
setup.cfg	Removed deprecated revoke KVS backend	2016-01-25 01:08:15 -08:00
setup.py	Updated from global requirements	2015-09-17 12:12:39 +00:00
test-requirements.txt	Revert "Unit test for checking cross-version migrations compatibility"	2016-01-29 08:13:31 -06:00
tox.ini	Remove un-used test code	2016-02-01 21:08:06 -05:00

README.rst

OpenStack Keystone

Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP.

Developer documentation, the source of which is in doc/source/, is published at:

http://docs.openstack.org/developer/keystone/

The API specification and documentation are available at:

http://specs.openstack.org/openstack/keystone-specs/

The canonical client library is available at:

https://git.openstack.org/cgit/openstack/python-keystoneclient

Documentation for cloud administrators is available at:

http://docs.openstack.org/

The source of documentation for cloud administrators is available at:

https://git.openstack.org/cgit/openstack/openstack-manuals

Information about our team meeting is available at:

https://wiki.openstack.org/wiki/Meetings/KeystoneMeeting

Bugs and feature requests are tracked on Launchpad at:

https://bugs.launchpad.net/keystone

Future design work is tracked at:

http://specs.openstack.org/openstack/keystone-specs/#identity-program-specifications

Contributors are encouraged to join IRC (#openstack-keystone on freenode):

https://wiki.openstack.org/wiki/IRC

For information on contributing to Keystone, see CONTRIBUTING.rst.