settingsLogin | Registersettings

Recent activity by Alexander_V_Makarov

15 responses 18 views

Nova has policy defaults in code now and we can generate the sample using oslopolicy-sample-generator but we'd like to get the default policy sample in the Nova developer documentation also, like we have for nova.conf.sample. I see we use ...

responded Sep 22, 2016 in openstack-dev
3 responses 16 views

Hello Steve. Thank you very much for your great work on OAuth 1 authentication for Keystone. (1) I have configured Keystone for Federation by following the instructions below. Then I can log in to OpenStack through Shibboleth identity ...

responded Sep 14, 2016 in openstack-dev
3 responses 16 views

Hi, I am experimenting the Keystone Trusts feature with a script which creates a trust between two users. import keystoneclient.v3 as keystoneclient #import swiftclient.client as swiftclient auth_url_v3 = 'http:/' demo = ...

responded Sep 1, 2016 in openstack-dev
5 responses 104 views

Dear Team, I am installing openstack mitaka on my debian machine. I followed the steps mentioned in the user manual, while I am trying to register the keystone service, I am getting 404 error and the error log shows ...

responded Aug 8, 2016 in openstack
5 responses 619 views

Hi, I’m having a bit of fun try to use AD for identifying and authorising Users on Openstack . The idea is to use AD for read-only access to users/group definitions, but all authorisation data to be stored in SQL. What works: Users can be ...

responded Aug 2, 2016 in openstack
4 responses 17 views

Colleagues, here is an actual use case for shadow users assignments, let's discuss possible solutions: all suggestions are appreciated. ---------- Forwarded message ---------- From: Andrey Grebennikov Date: Tue, May 24, 2016 at 9:43 AM ...

asked May 24, 2016 in openstack-dev
2 responses 11 views

Hi! I'm working on unifying all the models that store actor access rights to the resources [0], and now I'm wondering if we can just drop current OAuth1 implementation [1]. It's definitely not perfect and require considerable effort to ...

asked Mar 17, 2016 in openstack-dev
54 responses 23 views

Hello all, tl;dr ===== I have long thought that the OpenStack Summits have become too commercial and provide little value to the software engineers contributing to OpenStack. I propose the following: 1) Separate the design summits from the ...

responded Feb 7, 2016 in openstack-dev
23 responses 47 views

In the Fuel project, we recently ran into few issues with Apache2 + mod_wsgi as we switched Keystone to run in that environment and we started a large battery of tests and ended up seeing these issues. Please see [1] and [2] for examples. ...

responded Sep 18, 2015 in openstack-dev
35 responses 256 views

Greetings! I'd like to discuss pro's and contra's of having Fernet encryption keys stored in a database backend. The idea itself emerged during discussion about synchronizing rotated keys in HA environment. Now Fernet keys are stored in the ...

asked Jul 27, 2015 in openstack-dev
11 responses 24 views

Colleagues, I would like to request an exception from the Feature Freeze for Fernet tokens support added to the fuel-library in the following CR: Keystone part of the feature is implemented in the ...

responded Jul 27, 2015 in openstack-dev
2 responses 21 views

---------- Forwarded message ---------- From: Alexander Makarov Date: Thu, Jul 23, 2015 at 5:30 PM Subject: [MOS] [fuel-library] [keystone] [FFE] FF Exception request for Fernet tokens support. To: Vitaly Sedelnik , Eugene Bogdanov < ...

asked Jul 23, 2015 in openstack-dev
21 responses 174 views

Hello, Decided to start a new thread due to too much technical details in old thread. (You can see thread *[openstack-dev] [keystone] [nova]* ) *The problem:* Trusts can not be used to retrieve a token for further work with python-client. I ...

responded Feb 19, 2015 in openstack-dev
8 responses 34 views

Hi ! I investigated trust's use cases and encountered the problem: When I use auth_token obtained from keystoneclient using trust, I get *403* Forbidden error: *You are not authorized to perform the requested action.* Steps to reproduce: - ...

responded Feb 13, 2015 in openstack-dev
0 responses 3 views

Greetings! I think I found a problem in extra attributes handling in LDAP backend. Also I'd like to propose a solution :) There is a bug "LDAP additional attribute mappings do not care about ...

asked Sep 5, 2014 in openstack-dev
Drop us a note if you have suggestions on other community mailing lists that should be made searchable here.

For the corporate mailing lists, visit or send a note here

31,319 questions

91,190 responses


5,642 users