Merge "release notes and config guide new settings"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
934bcffe2c
@ -7,6 +7,33 @@ New, updated, and deprecated options in Newton for Identity service
|
|||||||
openstack-doc-tools repository.
|
openstack-doc-tools repository.
|
||||||
|
|
||||||
|
|
||||||
|
.. list-table:: New options
|
||||||
|
:header-rows: 1
|
||||||
|
:class: config-ref-table
|
||||||
|
|
||||||
|
* - Option = default value
|
||||||
|
- (Type) Help string
|
||||||
|
* - ``[security_compliance] disable_user_account_days_inactive =``
|
||||||
|
- (IntOpt) The maximum number of days a user can go without authenticating before being considered "inactive" and automatically disabled (locked).
|
||||||
|
* - ``[security_compliance] lockout_failure_attempts =``
|
||||||
|
- (IntOpt) The maximum number of times that a user can fail to authenticate before the user account is locked.
|
||||||
|
* - ``[security_compliance] lockout_duration = 1800``
|
||||||
|
- (IntOpt) The number of seconds a user account will be locked when the maximum number of failed authentication attempts is exceeded.
|
||||||
|
* - ``[security_compliance] password_expires_days = <None>``
|
||||||
|
- (IntOpt) The number of days for which a password will be considered valid before requiring it to be changed.
|
||||||
|
* - ``[security_compliance] password_expires_ignore_user_ids =``
|
||||||
|
- (StrOpt) User IDs to be ignored when checking if a password is expired.
|
||||||
|
* - ``[security_compliance] unique_last_password_count = 1``
|
||||||
|
- (IntOpt) Controls the number of previous user password iterations to keep in history, in order to enforce that newly created passwords are unique.
|
||||||
|
* - ``[security_compliance] minimum_password_age = 0``
|
||||||
|
- (IntOpt)The number of days that a password must be used before the user can change it.
|
||||||
|
* - ``[security_compliance] password_regex = <None>``
|
||||||
|
- (StrOpt) Validate password strength requirements.
|
||||||
|
* - ``[security_compliance] password_regex_description = <None>``
|
||||||
|
- (StrOpt) Humans language to describe password regular expression.
|
||||||
|
* - ``[token] cache_on_issue = false``
|
||||||
|
- (BoolOpt) Enable storing issued token data to token validation cache so that first token validation doesn't actually cause full validation cycle.
|
||||||
|
|
||||||
|
|
||||||
.. list-table:: Deprecated options
|
.. list-table:: Deprecated options
|
||||||
:header-rows: 1
|
:header-rows: 1
|
||||||
@ -16,4 +43,10 @@ New, updated, and deprecated options in Newton for Identity service
|
|||||||
- New Option
|
- New Option
|
||||||
* - ``[DEFAULT] use_syslog``
|
* - ``[DEFAULT] use_syslog``
|
||||||
- ``None``
|
- ``None``
|
||||||
|
* - ``[endpoint_policy] enabled``
|
||||||
|
- ``None``
|
||||||
|
* - ``[token] hash_algorithm``
|
||||||
|
- ``None``
|
||||||
|
* - ``[os_inherit]``
|
||||||
|
- ``None``
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user