delta/openstack/python-keystoneclient.git, branch stable/kilo opendev.org: openstack/python-keystoneclient.git Updated from global requirements 2016-04-29T22:58:08+00:00 OpenStack Proposal Bot openstack-infra@lists.openstack.org 2016-04-29T22:58:08+00:00 698b3475c51ea4af836b05756f0884dc6257b9b7 Change-Id: Id5d2aed9115a4b8e325a4be34172d4e239256aa5 
Change-Id: Id5d2aed9115a4b8e325a4be34172d4e239256aa5
Updated from global requirements 2016-04-20T17:12:49+00:00 OpenStack Proposal Bot openstack-infra@lists.openstack.org 2016-04-20T17:12:49+00:00 27bf39ee5fbb667e3c2dd6c075cea8a76f04b0dc Change-Id: I09b0b8728efddad7446db1e14931d9e65b4cfc6a 
Change-Id: I09b0b8728efddad7446db1e14931d9e65b4cfc6a
Updated from global requirements 2016-02-06T08:30:18+00:00 OpenStack Proposal Bot openstack-infra@lists.openstack.org 2016-02-06T08:30:18+00:00 fd096540e8e57b6bd7c923f4cb4ad6616d103cc8 Change-Id: I4133bb4bcb55083ba1934a442ef2da8ab8d19c88 
Change-Id: I4133bb4bcb55083ba1934a442ef2da8ab8d19c88
Remove hardcoded endpoint filter for update password 2015-11-30T18:46:23+00:00 Haneef Ali haneef.ali@hp.com 2015-10-06T22:51:12+00:00 e81856f4963d768fa286a9b2d2a40a6663810f6d User password update hardcoded the endpoint_filter to always use the public endpoint. This will break deployments where services behind the firewall have no access to the public endpoint. Endpoint selection should be allowed by the end user (i.e. openstack --os-interface internal user password set). Closes-Bug: 1503459 Change-Id: Ib11d60cd8e81b99aedb27f1cbbf6b79218045cf0 (cherry picked from commit d47da3b59c581dd3bb6bd4d75de819d0fd734fa5) 
User password update hardcoded the endpoint_filter to always use the public
endpoint. This will break deployments where services behind the firewall have
no access to the public endpoint. Endpoint selection should be allowed
by the end user (i.e. openstack --os-interface internal user password set).

Closes-Bug: 1503459

Change-Id: Ib11d60cd8e81b99aedb27f1cbbf6b79218045cf0
(cherry picked from commit d47da3b59c581dd3bb6bd4d75de819d0fd734fa5)
Updated from global requirements 2015-11-17T23:17:40+00:00 OpenStack Proposal Bot openstack-infra@lists.openstack.org 2015-11-17T23:17:40+00:00 2c69e9b55e45d73eaad76aea7b7f4e3cfb8d8bb7 Change-Id: Ie7e77ced616d9e6d36fdc4fb75f51c6823ff057a 
Change-Id: Ie7e77ced616d9e6d36fdc4fb75f51c6823ff057a
Mask passwords when logging the HTTP response 2015-10-09T18:11:43+00:00 Matt Riedemann mriedem@us.ibm.com 2015-08-31T19:32:25+00:00 ec70eb02f8a5889828cde786694283240f64c5c4 We should sanitize the response body before logging to make sure we aren't leaking through credentials like in the case of the response from the os-initialize_connection volume API. Closes-Bug: #1490693 NOTE(mriedem): The test is slightly different in kilo because the _http_log_response method requires kwargs. Change-Id: Ifd95d3fb624b4636fb72cc11762af62e00a026a0 (cherry picked from commit 3e26ff824801d5084791a52980021784e794e35f) 
We should sanitize the response body before logging to make sure we
aren't leaking through credentials like in the case of the response from
the os-initialize_connection volume API.

Closes-Bug: #1490693

NOTE(mriedem): The test is slightly different in kilo because the
_http_log_response method requires kwargs.

Change-Id: Ifd95d3fb624b4636fb72cc11762af62e00a026a0
(cherry picked from commit 3e26ff824801d5084791a52980021784e794e35f)
Updated from global requirements 2015-10-07T00:48:37+00:00 OpenStack Proposal Bot openstack-infra@lists.openstack.org 2015-10-07T00:48:37+00:00 5b5daaadabcdff891f42cc57e356035e6ea72a14 Change-Id: I5d75bea647a6374c7c85ae6d818c635b496f6f4e 
Change-Id: I5d75bea647a6374c7c85ae6d818c635b496f6f4e
Merge "Sync oslo-incubator common code" into stable/kilo 2015-10-06T20:40:05+00:00 Jenkins jenkins@review.openstack.org 2015-10-06T20:40:05+00:00 6457a9fdb33d2e7e49bc81edadf11c048fd66411 






Redirect on 303 in SAML plugin
2015-10-02T01:47:16+00:00

Jamie Lennox
jamielennox@redhat.com

2015-10-01T21:17:21+00:00

805c9d6563f5920ed8a1763fa0b1007f549b998e

The SAML plugin handles redirects in a custom manner but currently only
checks for the 302 redirect code. This doesn't cover the mod_auth_mellon
case which responds with a 303.

Also handle the 303 redirect case.

Change-Id: Idab5f381fcbfb8c561184845d3aa5c8aab142ecd
Closes-Bug: #1501918
(cherry picked from commit 9cd71c064c77a22a0a58084a2abab77b023017b5)





The SAML plugin handles redirects in a custom manner but currently only
checks for the 302 redirect code. This doesn't cover the mod_auth_mellon
case which responds with a 303.

Also handle the 303 redirect case.

Change-Id: Idab5f381fcbfb8c561184845d3aa5c8aab142ecd
Closes-Bug: #1501918
(cherry picked from commit 9cd71c064c77a22a0a58084a2abab77b023017b5)







Merge "Fix Accept header in SAML2 requests" into stable/kilo
2015-09-24T14:00:25+00:00

Jenkins
jenkins@review.openstack.org

2015-09-24T14:00:25+00:00

7d243119abc04ccc0a29eaa2ab715924e17f7adb