OpenStack Identity (keystone)

  1. Bug #1037683
  2. Comment #2

Comment 2 for bug 1037683

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/11483
Committed: http://github.com/openstack/keystone/commit/7b70818954c2bc80bbfbb7679e0de9a483ee0c61
Submitter: Jenkins
Branch: master

commit 7b70818954c2bc80bbfbb7679e0de9a483ee0c61
Author: Maru Newby <email address hidden>
Date: Wed Aug 8 20:49:23 2012 -0400

    PKI Token revocation

    Co-authored-by: Adam Young <email address hidden>

    Token revocations are captured in the backends,

    During upgrade, all previous tickets are defaulted to valid.

    Revocation list returned as a signed document and can be fetched in an admin context via HTTP

    Change config values for enable diable PKI

    In the auth_token middleware, the revocation list is fetched prior
    to validating tokens. Any tokens that are on the revocation list
    will be treated as invalid.

    Added in PKI token tests that check the same logic as the UUID tests.
    Sample data for the tests is read out of the signing directory.

    dropped number on sql scripts to pass tests.

    Also fixes 1031373

    Bug 1037683

    Change-Id: Icef2f173e50fe3cce4273c161f69d41259bf5d23