openstack
/
keystone
Code Issues Proposed changes
OpenStack Identity (Keystone)
4,111 Commits 9 Branches 40 Tags 231 MiB
Python 99.5%
Shell 0.5%
Go to file
Steven Hardy fa16882507 Fix issues handling trust tokens via ec2tokens API 
Trust scoped tokens are handled incorectly when making requests
via the ec2tokens API, meaning that the restrictions enforced
by trust-scoped tokens are not respected when obtaining a token
via ec2token signature validation.

Storing the trust_id in the blob associated with the ec2 keypair,
and passing that id in the metadata when requesting a v2 token
solves the issue.

Change-Id: I52566384d7813ef0e2f20fb94a5076386457ff02
Closes-Bug: #1242597
 		2013-12-11 06:19:38 +00:00
bin use different bind addresses for admin and public 2013-11-11 15:27:29 +08:00
doc Merge "RST fix for os_inherit example" 2013-11-28 09:45:19 +00:00
etc Merge "Ensure the sample policy file won't diverge" 2013-12-05 06:04:16 +00:00
examples/pki fix unparseable JSON 2013-11-08 00:31:02 +00:00
httpd Disable lazy gettext 2013-10-03 12:23:24 +00:00
keystone Fix issues handling trust tokens via ec2tokens API 2013-12-11 06:19:38 +00:00
tools Sync From OSLO 2013-12-04 04:41:17 +10:00
.coveragerc Add tests dir to the coverage omit list 2013-09-30 16:07:03 -04:00
.gitignore Updates .gitignore 2013-12-02 17:22:05 +00:00
.gitreview Add .gitreview config file for gerrit. 2011-10-24 14:48:03 -04:00
.mailmap Merge "Update mailmap for Joe Gordon" 2013-11-22 07:51:14 +00:00
.testr.conf Changes to testr as the test runner 2013-10-15 12:28:38 +00:00
CONTRIBUTING.rst Migrate to pbr. 2013-05-23 16:59:08 +02:00
HACKING.rst Make HACKING.rst DRYer 2013-11-25 16:50:39 -08:00
LICENSE Added Apache 2.0 License information. 2012-02-15 17:48:33 -08:00
MANIFEST.in Move 'tests' directory into 'keystone' package 2013-08-14 01:30:01 -03:00
README.rst add IRC channel & wiki link to README 2013-10-16 12:55:18 -05:00
babel.cfg setting up babel for i18n work 2012-06-21 18:03:09 -07:00
openstack-common.conf Merge "Sync log_handler module from Oslo" 2013-11-27 08:37:20 +00:00
requirements.txt Updated from global requirements 2013-12-03 09:45:18 -06:00
run_tests.sh Changes to testr as the test runner 2013-10-15 12:28:38 +00:00
setup.cfg Changes to testr as the test runner 2013-10-15 12:28:38 +00:00
setup.py Sync with global requirements 2013-09-30 17:03:58 -04:00
test-requirements.txt Sync global requirements to pin sphinx to sphinx>=1.1.2,<1.2 2013-12-10 13:57:16 -08:00
tox.ini Fixes tox coverage command 2013-10-28 15:41:55 +00:00

README.rst

OpenStack Keystone

Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP.

Developer documentation, the source of which is in doc/source/, is published at:

http://keystone.openstack.org/

The API specification is available at:

https://github.com/openstack/identity-api

The API documentation is available at:

http://api.openstack.org/api-ref-identity.html

The canonical client library is available at:

https://github.com/openstack/python-keystoneclient

Documentation for cloud administrators is available at:

http://docs.openstack.org/

The source of documentation for cloud administrators is available at:

https://github.com/openstack/openstack-manuals

Information about our team meeting is available at:

https://wiki.openstack.org/wiki/Meetings/KeystoneMeeting

Bugs and feature requests are tracked on Launchpad at:

https://bugs.launchpad.net/keystone

Future design work is tracked at:

https://blueprints.launchpad.net/keystone

Contributors are encouraged to join IRC (#openstack-dev on freenode):

https://wiki.openstack.org/wiki/IRC

For information on contributing to Keystone, see CONTRIBUTING.rst.