aa3dbce6f4
In the upcoming patches for domain specific roles, we will modify the policy rules for role manipulation (e.g. a domain admin in domainA should not be able to manipulate domain specific roles in domain B). However, it turns out we don't test the currect role protection with the v3policy sample at all! This patch therefore adds this testing, so that in the follow-on patches for domain specific roles we can show that we have not affected the rights to manipulate global roles. Partially Implements: blueprint domain-specific-roles Change-Id: Ifdce381857fd7ad4cc2e5183d136907f8f3bf561 |
||
---|---|---|
config-generator | ||
doc | ||
etc | ||
examples/pki | ||
httpd | ||
keystone | ||
rally-jobs | ||
releasenotes | ||
tools | ||
.coveragerc | ||
.gitignore | ||
.gitreview | ||
.mailmap | ||
.testr.conf | ||
CONTRIBUTING.rst | ||
HACKING.rst | ||
LICENSE | ||
MANIFEST.in | ||
README.rst | ||
babel.cfg | ||
bandit.yaml | ||
requirements.txt | ||
setup.cfg | ||
setup.py | ||
test-requirements.txt | ||
tox.ini |
README.rst
OpenStack Keystone
Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP.
Developer documentation, the source of which is in
doc/source/
, is published at:
The API specification and documentation are available at:
The canonical client library is available at:
https://git.openstack.org/cgit/openstack/python-keystoneclient
Documentation for cloud administrators is available at:
The source of documentation for cloud administrators is available at:
Information about our team meeting is available at:
Bugs and feature requests are tracked on Launchpad at:
Future design work is tracked at:
http://specs.openstack.org/openstack/keystone-specs/#identity-program-specifications
Contributors are encouraged to join IRC
(#openstack-keystone
on freenode):
For information on contributing to Keystone, see
CONTRIBUTING.rst
.