Skip to end of metadata
Go to start of metadata

OpenStack Identity (Keystone)

Keystone is a cloud identity service written in Python.

Project Description

CODE Repository - https://github.com/openstack/keystone Releases - https://github.com/openstack/keystone/tags DOCUMENTATION For Users - http://docs.openstack.org/ For Contributors - http://keystone.openstack.org/ COMMUNITY Wiki - http://wiki.openstack.org/keystone Meetings - http://wiki.openstack.org/Meetings/KeystoneMeeting Mailing Lists - http://wiki.openstack.org/MailingLists IRC - #openstack on http://freenode.net/

 

Active Project Series

Series

Summary

Status

Active Milestone(s)

Keystone future series

The future series tracks work that is necessary but will not land (or be completed) in the current development cycle.

Future

Keystone grizzly series

This is the "grizzly" series.

Current Stable Release

 

Keystone havana series

This is the "havana" series.

Active Development

Keystone icehouse series

This is the "icehouse" series.

Future

Project Code:

openstack/keystone

Repository URL:

https://github.com/openstack/keystone

Launchpad Project:

OpenStack Identity (Keystone)

Project Activity Dashboard:

Project Activity

Project Contributors Activity:

Project Contributors Activity

Repository

Active Bugs in the past 7 days

Bug Importance Reporter Assigned Date Assigned Assignee Status
Add memcached_backend option in keystone.conf Undecided Kui Shi (info) Aug 23, 2014 Kui Shi New
'Provider' object has no attribute 'revoke_api' Low Udi Kalifon (info) Aug 22, 2014 werner mendizabal In Progress
List role assignments filters performance Wishlist Samuel de Medeiros Queiroz (info) Aug 22, 2014 Samuel de Medeiros Queiroz Confirmed
keystone execute SQL statments so many times? Medium nethawk (info) Aug 21, 2014 Alexey Miroshkin Triaged
Wrong exception caught for admin checking in ec2 Medium Sam Morrison (info) Aug 21, 2014 Alexey Miroshkin Triaged
Unable to delete domain if user from other domain was added Medium Sergii Kashaba (info) Aug 21, 2014 Alexey Miroshkin Triaged
decoding error when delete role with windows 2012 ad identity backend Undecided Yaguang Tang (info) Aug 21, 2014 Yaguang Tang In Progress
Abstract driver signatures for update catalog entities are wrong Low Henry Nash (info) Aug 21, 2014 Henry Nash Fix Committed
KeyError in GroupNotFound error path Undecided Matthew Edmonds (info) Aug 20, 2014 Matthew Edmonds In Progress
Error on _ldap_get_list without attrlist value Undecided Marcos Lobo (info) Aug 18, 2014 Marcos Lobo In Progress
Can't upgrade from 2013.2 or 2013.2.1 to Juno Critical Brant Knudson (info) Aug 17, 2014 Brant Knudson In Progress
Unittests do not succeed with random PYTHONHASHSEED value Medium Clark Boylan (info) Jul 28, 2014 Dolph Mathews In Progress
mis-use of XML canonicalization in keystone tests Low Mike Bayer (info) Jul 23, 2014 David Stanek Fix Committed
Revocation events don't handle scoped tokens correctly High Matt Riedemann (info) Jul 23, 2014 Brant Knudson Fix Committed
Allow LDAP account lock attributes to be used as enable attributes Wishlist Nathan Kinder (info) Jul 3, 2014 Nathan Kinder Fix Committed
Update test requirement hacking to series 0.9.x Low Christian Berendt (info) Jun 10, 2014 Morgan Fainberg In Progress
v3/credentials API is admin-only Medium Steven Hardy (info) May 31, 2014 Alexey Miroshkin Fix Committed
test_user_mixed_case_attribute fails - mail, not email Low Richard Megginson (info) May 21, 2014 Richard Megginson Fix Committed
jsonutils should use simplejson on python 2.6 if available Low Ihar Hrachyshka (info) Apr 29, 2014 Ihar Hrachyshka Fix Committed
Race in db test cases Undecided Ben Nemec (info) Apr 17, 2014 Ilya Pekelny In Progress
V3 list users filter by email address throws exception Medium Haneef Ali (info) Apr 14, 2014 Juan Antonio Osorio Robles Fix Committed
the token still can be used if the EC2 credential has been deleted Medium wanghong (info) Apr 11, 2014 wanghong In Progress
Reconnect on failure for multiple servers always connects to first server Low Maru Newby (info) Apr 1, 2014 wanghong Triaged
revocation events: deleting a token revokes all tokens with same expiration High Morgan Fainberg (info) Mar 14, 2014 Morgan Fainberg In Progress
LDAP Identity Driver does not call delete_user or delete_group on the LDAP assignment api Medium Morgan Fainberg (info) Mar 12, 2014 Morgan Fainberg In Progress
ldap/core deleteTree not always supported Medium Richard Megginson (info) Feb 20, 2014 David Stanek In Progress
MySQL 2013 lost connection is being raised Undecided Flavio Percoco (info) Feb 15, 2014 Xurong Yang In Progress
Validation of paramaters during Create User Medium Rohit Karajgi (info) Jan 7, 2014 Adam Young Triaged
Horizon crashes when removing logged user from project Undecided Guilherme Birk (info) Nov 29, 2013 Facundo Maldonado Confirmed
Keystone token hashing is MD5 Wishlist Adam Young (info) Aug 30, 2013 Brant Knudson Fix Committed
Resources owned by a project/tenant are not cleaned up after that project is deleted from keystone High Lars Erik Pedersen (info) Aug 29, 2013 Dolph Mathews Fix Released
Password logging High Gabriel Hurley (info) Jul 17, 2012 Dolph Mathews Fix Released
A project shouldn't be deleted when there are instances running Undecided Yogev Rabl (info) New
Admin tenant can be deleted Undecided Ryan Hallisey (info) New
CENTOS 6.5 : starting keystone service Undecided reachparagm (info) New
Domain data remains in DB after domain is deleted Undecided Sukwon Oh (info) New
Keystone server didn't reuse connections to memcached Undecided Aleksandr Shaposhnikov (info) New
Keystone fails to start: "CRITICAL log logging_excepthook No module named utils" Undecided Marc Koderer (info) New
LDAP Critical extension is unavailable 500 error Low Ionuț Arțăriși (info) New
Oslo migrate.py does not have functionality to compute path to `migrate_repo`s Undecided Ilya Pekelny (info) Incomplete
Tempest failed to delete user Undecided Brant Knudson (info) New
Wrong return from list role assignments on KVS Undecided Samuel de Medeiros Queiroz (info) New
authenticate ldap binary fields fail when converting fields to utf8 Medium David Bingham (info) Triaged
endpoint list should support filtering by region v3 Undecided Takahiro Shida (info) New
keystone behavior when one memcache backend is down Undecided Sergii Golovatiuk (info) Confirmed
keystone user-role-delete operation fails when user no longer exists in backend Medium Mike Dorman (info) Triaged
keystonemiddleware appears not to hash PKIZ tokens Critical Kirill Zaborsky (info) Triaged
syslog setting does not work in keystone Undecided Yuhsuke Kaneyasu (info) Incomplete

 

Active Reviews in the past 7 days

Review

Owner

Status

Created

Updated

Updated from global requirements

NEW

Aug 4, 2014

Aug 22, 2014

Imported Translations from Transifex

NEW

Aug 5, 2014

Aug 22, 2014

Implemented caching in identity layer.

Ajaya Agrawal

NEW

Jul 30, 2014

Aug 21, 2014

Implemented caching in policy layer.

Ajaya Agrawal

NEW

Aug 11, 2014

Aug 21, 2014

Implemented caching in trust layer.

Ajaya Agrawal

NEW

Aug 11, 2014

Aug 22, 2014

Validation of parameters during user creation

Ajaya Agrawal

NEW

Aug 18, 2014

Aug 20, 2014

Add workaround to support tox 1.7.2

Alan Pevec

NEW

Aug 21, 2014

Aug 21, 2014

Enable filtering of credentials by user ID

Alexey Miroshkin

MERGED

Aug 11, 2014

Aug 19, 2014

Add tests to OS-INHERIT extension

Andre Aranha

ABANDONED

Jul 16, 2014

Aug 20, 2014

Add information regarding HTTPS for SSL enabled endpoints

Andre Naehring

NEW

May 26, 2014

Aug 22, 2014

Implementation of Endpoint Grouping

Bob Thyne

NEW

Aug 5, 2014

Aug 18, 2014

Integrate OSprofiler in Keystone

Boris Pavlovic

ABANDONED

Jun 28, 2014

Aug 19, 2014

Add audit support to keystone federation

Brad Topol

NEW

Aug 14, 2014

Aug 19, 2014

Allow fetching a plaintext revocation list

Brant Knudson

NEW

May 7, 2014

Aug 19, 2014

Enhance V3 extensions to provide JSON Home data

Brant Knudson

NEW

Jul 1, 2014

Aug 21, 2014

Enhance V3 extension class to integrate JSON Home data

Brant Knudson

NEW

Aug 3, 2014

Aug 21, 2014

Change V3 router classes to provide JSON Home data

Brant Knudson

NEW

Aug 3, 2014

Aug 22, 2014

Change OS-INHERIT extension to provide JSON Home data

Brant Knudson

NEW

Aug 3, 2014

Aug 21, 2014

Enhance V3 version controller to provide JSON Home response

Brant Knudson

NEW

Aug 3, 2014

Aug 22, 2014

Enhance V3 routers to store basic resource description

Brant Knudson

NEW

Aug 3, 2014

Aug 22, 2014

Provide the V3 routers to the V3 extension controller

Brant Knudson

NEW

Aug 3, 2014

Aug 22, 2014

Change the sub-routers to provide JSON Home data

Brant Knudson

NEW

Aug 3, 2014

Aug 21, 2014

Back off initial migration to 34

Brant Knudson

NEW

Aug 17, 2014

Aug 17, 2014

Back off initial migration to 35

Brant Knudson

NEW

Aug 17, 2014

Aug 17, 2014

add oslo.utils for testing with Keystoneclient master

Brant Knudson

NEW

Aug 17, 2014

Aug 19, 2014

No longer allow listing users by email

Brant Knudson

NEW

Aug 18, 2014

Aug 19, 2014

Enhance GET /v3 to handle Accept header

Brant Knudson

NEW

Aug 20, 2014

Aug 21, 2014

Bump stable/icehouse next version to 2014.1.3

Chuck Short

MERGED

Aug 8, 2014

Aug 19, 2014

keystone/exceptions.py: Explicitly import the '_' function

Cyril Roelandt

NEW

Apr 17, 2014

Aug 20, 2014

Fixing simple type in comment

David Lyle

MERGED

Aug 19, 2014

Aug 21, 2014

Fixes an issue with the XMLEquals matcher

David Stanek

MERGED

Jul 24, 2014

Aug 19, 2014

Updates keystone.catalog.core.format_url tests

David Stanek

NEW

Aug 2, 2014

Aug 22, 2014

Fixes catalog URL formatting to never return None

David Stanek

NEW

Aug 2, 2014

Aug 22, 2014

Ignore broken endpoints in get_catalog

David Stanek

NEW

Aug 2, 2014

Aug 22, 2014

Ignore broken endpoints in get_v3_catalog

David Stanek

NEW

Aug 2, 2014

Aug 22, 2014

Sets a default timeout for cached data

David Stanek

NEW

Aug 12, 2014

Aug 18, 2014

Updates package comment to be more accurate.

David Stanek

NEW

Aug 14, 2014

Aug 19, 2014

Sync Py2 and Py3 requirements files

David Stanek

NEW

Aug 20, 2014

Aug 21, 2014

move GET /v3/catalog to GET /v3/auth/catalog

Dolph Mathews

ABANDONED

Jul 18, 2014

Aug 21, 2014

revise docs on default member role

Dolph Mathews

NEW

Jul 30, 2014

Aug 21, 2014

switch from sample_config.sh to oslo-config-generator

Dolph Mathews

NEW

Aug 13, 2014

Aug 21, 2014

backend for policy endpoint extension

Henry Nash

NEW

Aug 19, 2014

Aug 21, 2014

controller for the endpoint policy extension

Henry Nash

NEW

Aug 20, 2014

Aug 21, 2014

Add notifications for policy, region, service and endpoint.

Henry Nash

MERGED

Aug 20, 2014

Aug 21, 2014

Correct the signature for some catalog abstract method signatures.

Henry Nash

MERGED

Aug 21, 2014

Aug 21, 2014

migration: adopt for MySQL Connector

Ihar Hrachyshka

ABANDONED

Jul 29, 2014

Aug 19, 2014

Use metadata.create_all() to fill a test database

Ilya Pekelny

NEW

May 14, 2014

Aug 21, 2014

Create authentication specific routes

Jamie Lennox

MERGED

Aug 18, 2014

Aug 21, 2014

Redirect stdout and stderr when using subprocess

Jeffrey Zhang

NEW

Oct 14, 2013

Aug 20, 2014

Enable filtering of services by name

Juan Antonio Osorio Robles

NEW

Jul 31, 2014

Aug 19, 2014

Endpoint table is missing reference to region table

Kanagaraj Manickam

NEW

Aug 11, 2014

Aug 22, 2014

Standardizing the Federation Process

Kristy Siu

NEW

Jul 8, 2014

Aug 21, 2014

Implement validation on Assignment V3 API

Lance Bragstad

NEW

Apr 10, 2014

Aug 21, 2014

Implement validation on the Catalog V3 resources

Lance Bragstad

NEW

May 28, 2014

Aug 22, 2014

Implement group related methods for LDAP backend

Marcos Lobo

NEW

Jun 24, 2014

Aug 21, 2014

Error on _ldap_get_list without attrlist value

Marcos Lobo

NEW

Aug 18, 2014

Aug 20, 2014

IdP SAML Metadata generator

Marek Denis

NEW

Aug 17, 2014

Aug 21, 2014

Generate IdP Metadata with keystone-manage.

Marek Denis

NEW

Aug 20, 2014

Aug 22, 2014

Routes for Keystone-IdP metadata endpoint.

Marek Denis

NEW

Aug 21, 2014

Aug 21, 2014

PoC external auth using user mapping

Matthieu Huin

ABANDONED

May 5, 2014

Aug 20, 2014

Remove trust dependency on token_api

Morgan Fainberg

NEW

Jul 25, 2014

Aug 21, 2014

Remove `with_lockmode` use from Trust SQL backend.

Morgan Fainberg

NEW

Aug 8, 2014

Aug 18, 2014

Update AuthContextMiddleware to not use token_api

Morgan Fainberg

NEW

Aug 12, 2014

Aug 21, 2014

Add _repr_ to KeystoneToken model

Morgan Fainberg

NEW

Aug 12, 2014

Aug 21, 2014

Add audit ids to tokens

Morgan Fainberg

MERGED

Aug 14, 2014

Aug 22, 2014

Revoke by Audit Id / Audit Id Chain instead of expires

Morgan Fainberg

NEW

Aug 18, 2014

Aug 21, 2014

Sync with oslo-incubator

Morgan Fainberg

MERGED

Aug 18, 2014

Aug 22, 2014

Remove SAML2 plugin dependency on token_api

Morgan Fainberg

NEW

Aug 18, 2014

Aug 22, 2014

Remove identity_api dependency on token_api

Morgan Fainberg

NEW

Aug 18, 2014

Aug 21, 2014

Add extra guarding to revoke_by_audit_id methods

Morgan Fainberg

NEW

Aug 18, 2014

Aug 20, 2014

Remove wsgi and base controller dependency on token_api

Morgan Fainberg

NEW

Aug 19, 2014

Aug 21, 2014

Remove assignment_api dependency on token_api

Morgan Fainberg

NEW

Aug 19, 2014

Aug 21, 2014

Notification Constant Cleanup and internal notify type

Morgan Fainberg

NEW

Aug 19, 2014

Aug 21, 2014

Remove oauth controller dependency on token_api

Morgan Fainberg

NEW

Aug 19, 2014

Aug 22, 2014

Mark methods on token_api deprecated

Morgan Fainberg

NEW

Aug 19, 2014

Aug 22, 2014

Non-persistent Token Driver

Morgan Fainberg

NEW

Aug 19, 2014

Aug 19, 2014

Convert to urlsafe base64 audit ids

Morgan Fainberg

MERGED

Aug 20, 2014

Aug 22, 2014

Allow LDAP lock attributes to be used as enable attributes

Nathan Kinder

MERGED

Jul 3, 2014

Aug 21, 2014

Implicitly ignore attributes that are mapped to None in LDAP

Nathan Kinder

MERGED

Aug 13, 2014

Aug 18, 2014

Use callback/notification framework for deletes

Pablo Fernando Cargnelutti

ABANDONED

Mar 13, 2014

Aug 20, 2014

ldap/core deleteTree not always supported

Richard Megginson

NEW

Feb 20, 2014

Aug 21, 2014

better handling for empty/None ldap values

Richard Megginson

NEW

Feb 24, 2014

Aug 19, 2014

Use mail for the default LDAP email attribute name

Richard Megginson

MERGED

May 21, 2014

Aug 18, 2014

Add parent_project_id field

Rodrigo Duarte

NEW

Aug 4, 2014

Aug 21, 2014

Create, update and delete hierarchical projects

Rodrigo Duarte

NEW

Aug 4, 2014

Aug 21, 2014

Base methods to handle hierarchical projects

Rodrigo Duarte

NEW

Aug 4, 2014

Aug 21, 2014

Remove trailing space in tox.ini

Sergey Lukjanov

NEW

Aug 13, 2014

Aug 16, 2014

Transform a Keystone token to a SAML assertion

Steve Martinelli

NEW

Jul 30, 2014

Aug 21, 2014

Add CADF notifications for role assignment create and delete

Steve Martinelli

NEW

Aug 6, 2014

Aug 22, 2014

Create SAML generation route and controller

Steve Martinelli

NEW

Aug 14, 2014

Aug 21, 2014

Expose context to create grant and delete grant

Steve Martinelli

MERGED

Aug 17, 2014

Aug 19, 2014

Use python convention for function names in test_notifications

Steve Martinelli

MERGED

Aug 17, 2014

Aug 19, 2014

Create additional docs for role assignment events

Steve Martinelli

NEW

Aug 17, 2014

Aug 20, 2014

Fix Unicode decode error with Windows AD as identity backend

Yaguang Tang

NEW

Aug 22, 2014

Aug 22, 2014

delete the tokens when deleting ec2 credential

wanghong

ABANDONED

Apr 15, 2014

Aug 19, 2014

add --rebuild option for ssl/pki_setup

wanghong

NEW

Apr 17, 2014

Aug 18, 2014

trustor_user_id not available in v2 trust token

wanghong

NEW

Jun 23, 2014

Aug 22, 2014

V2 token from trust cannot be generated with user/pass

wanghong

NEW

Aug 6, 2014

Aug 22, 2014

remove default check keys in assertValidEntity

wanghong

NEW

Aug 7, 2014

Aug 20, 2014

Notes

Icon
 

  • No labels