Commit Graph

12 Commits

Author SHA1 Message Date
Takashi Kajinami
d919628ed1 Use a 'params' hash for authtoken parameters
This change adds the 'params' hash in authtoken class, to implement
the same functionality as the one recently introduced into
puppet-nova[1].

[1] 5c38281e1b698f157f03bf1815733277c541c30b

Change-Id: I9a3a1ae0059afc44f71c322c2452776f293a2089
2020-10-12 05:01:03 +00:00
Takashi Kajinami
8d0b2fb637 Add support for the keystone_authtoken/service_type parameter
Change-Id: Ie4a829b7463697809e7b7d553bd269af9cae59bd
2020-10-12 05:00:41 +00:00
Takashi Kajinami
33d690c7eb Add support for the interface parameter in authtoken middleware
This patch adds support for [keystone_authtoken] interface parameter,
so that operators can define which endpoint should be used by authtoken
middleware.

Change-Id: I39bf94a041d7d4af31fb2653c9274ee8fbdb732e
2020-07-09 08:31:19 +09:00
Takashi Kajinami
f9491ff8df Add support to configure service_token_roles in authtoken middleware
Change-Id: I881058fdc53c3ff381b96438ef46dfdc852ece94
2019-09-21 10:22:19 +09:00
ZhongShengping
d3b2dd80ab Service_token_roles_required missing in the server config file
Service_token_roles_required missing in the server config file which
allows backwards compatibility to ensure that the service tokens are
compared against a list of possible roles for validity.

Change-Id: I75c8036cfd0e538309f11284a087753c50d12394
Closes-Bug: 1778198
2019-02-14 17:27:04 +08:00
ZhongShengping
768fa0661c Deprecate pki related options
check_revocations_for_cached and hash_algorithms are deprecated for
removel because of PKI token format is no longer supported.
Update warning message and add a release note.

Change-Id: If6988f9cdf4e3edc825b6f9dbfcdb24155458e51
Closes-Bug: #1804562
Closes-Bug: #1804720
2018-11-23 10:17:51 +08:00
caoyuan
61d07624ce Replace port 35357 with 5000
Now that the v2.0 API has been removed, we don't have a reason to
include deployment instructions for two separate applications on
different ports. This change updates the guide to be consistent with
recent changes to the ubuntu packages:

https://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/keystone/commit/?id=915d787af42096b0fad715e49759cd357e47787e

Change-Id: I555e3559af1f8db9a14e0667969327ea06903c21
2018-05-12 14:55:14 +00:00
ZhongShengping
f1237a940d Deprecate auth_uri option
Option "auth_uri" from group "keystone_authtoken" is deprecated[1].
Use option "www_authenticate_uri" from group "keystone_authtoken".

[1]https://review.openstack.org/#/c/508522/

Change-Id: I89f82693b22cc61c97f9df3fbbd2bdbfe482f549
Depends-On: I4c82a63baabd6b9304b302c97cd751a0103d8316
Closes-Bug: #1759098
2018-04-04 16:08:01 +08:00
ZhongShengping
c477791fc9 Deprecate revocation_cache_time option
The revocation_cache_time is deprecated for removel because of PKI
token format is no longer supported.
Update warning message and add a release note.

Change-Id: I18389ff125c9f116b0f0682371698473e6974ac2
Closes-Bug: #1717144
2017-09-14 10:51:20 +08:00
Matthew J. Black
64ba3872cb Allow python-memcache install from authtoken class
The python-memcache package is required if using memcached. By
default the package is not installed and the define has it set to
false. This change allows managing the python-memcache package
install from the authtoken class.

Change-Id: I56e335c77e1512acc3432275b2381b10ba919fb0
2017-01-11 18:26:16 -05:00
ZhongShengping
dcfd625888 Deprecate signing_dir option
The signing_dir is deprecated for removel because of PKI token format
is no longer supported.
Update warning message and release note.

Change-Id: I4b60cbf1c48bc344f1ea223afb35d268e9472ac8
Closes-Bug: #1652700
2016-12-27 10:17:47 +08:00
Iury Gregory Melo Ferreira
75161dd0ca Move aodh to authtoken
In aodh::api, use keystone::resource::authtoken to configure
keystone_authtoken section in aodh.conf, with all parameters
required to configure keystonemiddleware.
This patch will allow to deploy aodh to use Keystone v3 authentification.

Some deprecations:
- aodh::api::keystone_tenant is deprecated in favor of
  aodh::keystone::authtoken::project_name.
- aodh::api::keystone_user is deprecated in favor of
  aodh::keystone::authtoken::username.
- aodh::api::keystone_password is deprecated in favor of
  aodh::keystone::authtoken::password.
- aodh::api::keystone_project_domain_name is deprecated in favor of
  aodh::keystone::authtoken::project_domain_name
- aodh::api::keystone_user_domain_name is deprecated in favor of
  aodh::keystone::authtoken::user_domain_name
- aodh::api::keystone_auth_type is deprecated in favor of
  aodh::keystone::authtoken::auth_type
- aodh::api::keystone_auth_uri is deprecated in favor of
  aodh::keystone::authtoken::auth_uri
- aodh::api::keystone_identity_uri is deprecated in favor of
  aodh::keystone::authtoken::auth_url
- aodh::api::keystone_auth_url is deprecated in favor of
  aodh::keystone::authtoken::auth_url
- aodh::api::memcached_servers is deprecated in favor of
  aodh::keystone::authtoken::memcached_servers

Change-Id: Id8b3d8265f3554865fd77b291f235219b147efb9
Related-Bug: #1604463
2016-08-19 04:27:46 +00:00