Add support for authentication using keystone v3 API
Authentication using Keystone v3 API requires some changes to swift keystoneauth middleware and python-swiftclient.
Python-swiftclient will need to handle additional options to specify domain membership of users and tenants/project.
Keystoneauth needs to handle cross container ACLs differently given that usernames are not globally unique with keystone v3.
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Alistair Coles
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- Accepted for juno
- Implementation:
- Implemented
- Milestone target:
- 2.2.0
- Started by
- John Dickinson
- Completed by
- John Dickinson
Related branches
Related bugs
Bug #1299146: keystoneauth middleware not domain aware (keystone v3 issue) | Fix Released |
Sprints
Whiteboard
Wiki page with notes on handling container ACLs with v3 domains https:/
Add keystone v3 auth support to python-swiftclient:
https:/
Gerrit topic: https:/
Addressed by: https:/
Restrict keystone cross-tenant ACLs to IDs
Addressed by: https:/
Update documentation for using keystone auth
Addressed by: https:/
Fix internal link to keystoneauth in documentation
Gerrit topic: https:/
Addressed by: https:/
Merge master to feature/ec
Gerrit topic: https:/
Addressed by: https:/
Merge master to feature/ec