During upgrade, all previous tickets are defaulted to valid.
Revocation list returned as a signed document and can be fetched in an admin context via HTTP
Change config values for enable diable PKI
In the auth_token middleware, the revocation list is fetched prior
to validating tokens. Any tokens that are on the revocation list
will be treated as invalid.
Added in PKI token tests that check the same logic as the UUID tests.
Sample data for the tests is read out of the signing directory.
Reviewed: https:/ /review. openstack. org/11483 github. com/openstack/ keystone/ commit/ 7b70818954c2bc8 0bbfbb7679e0de9 a483ee0c61
Committed: http://
Submitter: Jenkins
Branch: master
commit 7b70818954c2bc8 0bbfbb7679e0de9 a483ee0c61
Author: Maru Newby <email address hidden>
Date: Wed Aug 8 20:49:23 2012 -0400
PKI Token revocation
Co-authored-by: Adam Young <email address hidden>
Token revocations are captured in the backends,
During upgrade, all previous tickets are defaulted to valid.
Revocation list returned as a signed document and can be fetched in an admin context via HTTP
Change config values for enable diable PKI
In the auth_token middleware, the revocation list is fetched prior
to validating tokens. Any tokens that are on the revocation list
will be treated as invalid.
Added in PKI token tests that check the same logic as the UUID tests.
Sample data for the tests is read out of the signing directory.
dropped number on sql scripts to pass tests.
Also fixes 1031373
Bug 1037683
Change-Id: Icef2f173e50fe3 cce4273c161f69d 41259bf5d23