Fix issues in User CRUD section
The user CRUD section had several issues. - CRUD wasn't defined - public_api is a literal string from the config file - The pipelines are now defined in keystone-paste.ini - The default pipeline has changed, stats_monitoring and xml_body don't exist anymore - tokens are invalidated in every token persistence backend These are corrected. Change-Id: I0620e8543d76220e2263ace2145e2b4eb0529b30
This commit is contained in:
parent
84fad0c54b
commit
fecac53335
|
@ -30,25 +30,25 @@
|
|||
<xi:include href="identity/section_caching-layer.xml"/>
|
||||
<section xml:id="user-crud">
|
||||
<title>User CRUD</title>
|
||||
<para>Identity provides a user CRUD filter that can
|
||||
be added to the public_api pipeline. This user CRUD filter
|
||||
enables users to use a HTTP PATCH to change their own password.
|
||||
To enable this extension you should define a
|
||||
<literal>user_crud_extension</literal> filter, insert it after
|
||||
<para>Identity provides a user CRUD (Create, Read, Update, and Delete)
|
||||
filter that can be added to the <literal>public_api</literal> pipeline.
|
||||
The user CRUD filter enables users to use a HTTP PATCH to change their
|
||||
own password. To enable this extension you should define a
|
||||
<literal>user_crud_extension</literal> filter, insert it after
|
||||
the <literal>*_body</literal> middleware and before the
|
||||
<literal>public_service</literal> application in the
|
||||
public_api WSGI pipeline in <filename>keystone.conf</filename>.
|
||||
For example:</para>
|
||||
<literal>public_service</literal> application in the
|
||||
<literal>public_api</literal> WSGI pipeline in
|
||||
<filename>keystone-paste.ini</filename>. For example:</para>
|
||||
<programlisting language="ini"><?db-font-size 75%?>[filter:user_crud_extension]
|
||||
paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory
|
||||
|
||||
[pipeline:public_api]
|
||||
pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service</programlisting>
|
||||
pipeline = sizelimit url_normalize request_id build_auth_context token_auth admin_token_auth json_body ec2_extension user_crud_extension public_service</programlisting>
|
||||
<para>Each user can then change their own password with a HTTP PATCH:</para>
|
||||
<screen><prompt>$</prompt> <userinput>curl -X PATCH http://localhost:5000/v2.0/OS-KSCRUD/users/<replaceable>USERID</replaceable> -H "Content-type: application/json" \
|
||||
-H "X_Auth_Token: <replaceable>AUTHTOKENID</replaceable>" -d '{"user": {"password": "ABCD", "original_password": "DCBA"}}'</userinput></screen>
|
||||
<para>In addition to changing their password, all current
|
||||
tokens for the user are deleted (if the back end is KVS or SQL).</para>
|
||||
tokens for the user are invalidated.</para>
|
||||
<note><para>Only use a KVS back end for tokens when testing.</para></note>
|
||||
</section>
|
||||
<section xml:id="keystone-logging">
|
||||
|
|
Loading…
Reference in New Issue