openstack/keystoneauth

OpenStack Identity Authentication Library

Go to file

John Dennis b1301e606d Use comma as separator in ECP Accept HTTP header During SAML ECP authentication 2 specially formatted HTTP headers MUST be included in the request in order for the SP (Service Provider) to recognize the client is ECP capable and to start the SAML ECP flow. One is the PAOS header and the other is the Accept header which must include the "application/vnd.paos+xml" media type. Media types in the Accept header are separated by a comma (,). Unfortunately keystoneauth uses a semicolon (;) as the media type separator. The HTTP spec reserves the semicolon in the Accept header to attach parameters to the media type. For example Accept: type1;params1,type2;params2 Using a semicolon as a media type separator is syntactically invalid and can cause failures in servers that parse the Accept header. For example mod_auth_mellon emits this error message and fails to process the ECP request: request supplied valid PAOS header but omitted PAOS media type in Accept header have_paos_media_type=False valid_paos_header=True is_paos=False This indicates only 1 of the 2 required conditions were met. Change-Id: I6469990a57762fc47b297d7b5b2b4cb4872df4ba Signed-off-by: John Dennis <jdennis@redhat.com> Closes-Bug: 1656946		2017-01-16 16:50:09 -05:00
doc	Add a full listing of all auth plugins and there options	2017-01-10 14:40:28 +00:00
keystoneauth1	Use comma as separator in ECP Accept HTTP header	2017-01-16 16:50:09 -05:00
releasenotes	Only log application/json in session to start	2017-01-10 05:45:13 +00:00
tools	Add Constraints support	2016-12-21 11:24:09 +11:00
.coveragerc	Update coverage to keystoneauth1	2015-12-09 11:46:00 +11:00
.gitignore	Add release notes for keystoneauth	2015-11-29 20:05:16 -05:00
.gitreview	Initial Split of python-keystoneclient to keystoneauth	2015-04-20 14:49:59 -07:00
.mailmap	Add mailmap entry	2014-05-07 12:12:43 -07:00
.testr.conf	Move to the keystoneauth1 namespace	2015-06-25 16:48:54 -07:00
CONTRIBUTING.rst	Initial Split of python-keystoneclient to keystoneauth	2015-04-20 14:49:59 -07:00
HACKING.rst	Initial Split of python-keystoneclient to keystoneauth	2015-04-20 14:49:59 -07:00
LICENSE	Initial Split of python-keystoneclient to keystoneauth	2015-04-20 14:49:59 -07:00
README.rst	Show team and repo badges on README	2016-11-25 16:43:03 +01:00
requirements.txt	Updated from global requirements	2016-12-02 05:06:05 +00:00
setup.cfg	Remove references to Python 3.4	2017-01-05 15:27:51 -08:00
setup.py	Updated from global requirements	2015-09-17 12:12:42 +00:00
test-requirements.txt	Remove discover from test-requirements	2016-12-15 08:48:10 +01:00
tox.ini	Remove references to Python 3.4	2017-01-05 15:27:51 -08:00

README.rst

Team and repository tags

keystoneauth

This package contains tools for authenticating to an OpenStack-based cloud. These tools include:

Authentication plugins (password, token, and federation based)
Discovery mechanisms to determine API version support
A session that is used to maintain client settings across requests (based on the requests Python library)

Further information:

Free software: Apache license
Documentation: http://docs.openstack.org/developer/keystoneauth
Source: http://git.openstack.org/cgit/openstack/keystoneauth
Bugs: http://bugs.launchpad.net/keystoneauth