← Back to branch summary

~ubuntu-branches/ubuntu/precise/keystone/precise-proposed

« back to all changes in this revision

Viewing changes to doc/keystone_compat_flows.sdx

  • Committer: Package Import Robot
  • Author(s): Yolanda
  • Date: 2013-04-23 10:30:16 UTC
  • mfrom: (1.1.19) (25.1.5 precise-security)
  • Revision ID: package-import@ubuntu.com-20130423103016-ek52apfytgftjaod
Tags: 2012.1.3+stable-20130423-f48dd0fc-0ubuntu1
https://launchpad.net/bugs/1089488
https://launchpad.net/bugs/1064914
https://launchpad.net/bugs/1073569
https://launchpad.net/bugs/1056373
https://launchpad.net/bugs/1050025
https://launchpad.net/bugs/1041396
https://launchpad.net/bugs/1046905
https://launchpad.net/bugs/1040626
* Resynchronize with stable/essex (LP: #1089488):
  - [7402f5e] EC2 authentication does not ensure user or tenant is enabled
    LP: 1121494
  - [8945567] DoS through XML entity expansion (CVE-2013-1664) LP: 1100282
  - [7b5b72f] Add size validations for /tokens.
  - [ef1e682] docutils 0.10 incompatible with sphinx 1.1.3 LP: 1091333
  - [8735009] Removing user from a tenant isn't invalidating user access to
    tenant (LP: #1064914)
  - [025b1d5] Jenkins jobs fail because of incompatibility between sqlalchemy-
    migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569)
  - [ddb4019] Open 2012.1.4 development
  - [0e1f05e] memcache driver needs protection against unicode user keys
    (LP: #1056373)
  - [176ee9b] Token invalidation in case of role grant/revoke should be
    limited to affected tenant (LP: #1050025)
  - [58ac669] Token validation includes revoked roles (CVE-2012-4413)
    (LP: #1041396)
  - [cd1e48a] Memcached Token Backend does not support list tokens
    (LP: #1046905)
  - [5438d3b] Update user's default tenant partially succeeds without authz
    (LP: #1040626)
* Dropped patches, superseeded by new snapshot:
  - debian/patches/CVE-2013-0282.patch [7402f5e]
  - debian/patches/CVE-2013-1664+1665.patch [8945567]
  - debian/patches/keystone-CVE-2012-5571.patch [8735009]
  - debian/patches/keystone-CVE-2012-4413.patch [58ac669]
  - debian/patches/keystone-CVE-2012-3542.patch [5438d3b]
* Refreshed patches:
  - debian/patches/CVE-2013-0247.patch
  - debian/patches/fix-ubuntu-tests.patch

Show diffs side-by-side

added added

removed removed

Lines of Context:
doc/keystone_compat_flows.sdx
1
 
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
2
 
<diagram>
3
 
<source><![CDATA[client:client "Client"
4
 
compat:compat "Compat"
5
 
token:token "Token Service"
6
 
identity:identity "Identity Service"
7
 
catalog:catalog "Catalog Service"
8
 
 
9
 
[c "Auth, No Tenant"]
10
 
client:{token, user, service_catalog}=compat.POST /v2.0/tokens {'username': user, 'password': password}
11
 
        compat:(user, password, None)=identity.authenticate(user, password, tenant=None)
12
 
        compat:(id, user, password, None)=token.create_token(user, password, tenant=None)
13
 
        compat:{service_catalog (includes all tenants)}=catalog.get_catalog(user, None)
14
 
[/c]
15
 
 
16
 
[c "Auth, With Tenant"]
17
 
client:{scoped_token, user, service_catalog}=compat.POST /v2.0/tokens {'username': user, 'password': password, 'tenant': tenant}
18
 
        compat:(user, password, tenant)=identity.authenticate(user, password, tenant)
19
 
        compat:(id, user, password, tenant)=token.create_token(user, password, tenant)
20
 
        compat:{service_catalog (includes all tenants)}=catalog.get_catalog(user, tenant)
21
 
[/c]
22
 
 
23
 
[c "Validate Token, Unscoped"]
24
 
client:{token, user, tenant=None}=compat.GET /v2.0/tokens/$token
25
 
compat:{token, user, tenant}=token.get_token($token)
26
 
[/c]
27
 
 
28
 
[c "Validate Token, With Tenant"]
29
 
client:{token, user, tenant}=compat.GET /v2.0/tokens/$token?belongs_to=$tenant
30
 
compat:{token, user, tenant}=token.get_token($token)
31
 
[/c]
32
 
 
33
 
[c "Tenants for Token"]
34
 
client:{tenants}=compat.(X-Auth-Token: $token) GET /v2.0/tenants
35
 
compat:{token, user, tenant}=token.get_token($token)
36
 
compat:{token, user, tenant}=identity.get_tenants($user)
37
 
[/c]]]></source>
38
 
<configuration>
39
 
<property name="activationBarBorderThickness" value="1"/>
40
 
<property name="actorWidth" value="25"/>
41
 
<property name="arrowColor" value="-14803256"/>
42
 
<property name="arrowSize" value="6"/>
43
 
<property name="arrowThickness" value="1"/>
44
 
<property name="colorizeThreads" value="true"/>
45
 
<property name="destructorWidth" value="30"/>
46
 
<property name="explicitReturns" value="false"/>
47
 
<property family="Dialog" name="font" size="12" style="0"/>
48
 
<property name="fragmentBorderThickness" value="2"/>
49
 
<property name="fragmentEdgeColor" value="-16751616"/>
50
 
<property name="fragmentLabelBgColor" value="-36"/>
51
 
<property name="fragmentMargin" value="8"/>
52
 
<property name="fragmentPadding" value="10"/>
53
 
<property name="fragmentTextPadding" value="3"/>
54
 
<property name="glue" value="10"/>
55
 
<property name="headHeight" value="35"/>
56
 
<property name="headLabelPadding" value="5"/>
57
 
<property name="headWidth" value="100"/>
58
 
<property name="initialSpace" value="10"/>
59
 
<property name="labeledBoxBgColor" value="-76"/>
60
 
<property name="leftMargin" value="5"/>
61
 
<property name="lifelineThickness" value="1"/>
62
 
<property name="lineWrap" value="false"/>
63
 
<property name="lowerMargin" value="5"/>
64
 
<property name="mainLifelineWidth" value="8"/>
65
 
<property name="messageLabelSpace" value="3"/>
66
 
<property name="messagePadding" value="6"/>
67
 
<property name="noteBgColor" value="-76"/>
68
 
<property name="noteBorderThickness" value="1"/>
69
 
<property name="noteMargin" value="6"/>
70
 
<property name="notePadding" value="6"/>
71
 
<property name="opaqueMessageText" value="false"/>
72
 
<property name="returnArrowVisible" value="true"/>
73
 
<property name="rightMargin" value="5"/>
74
 
<property name="selfMessageHorizontalSpace" value="15"/>
75
 
<property name="separatorBottomMargin" value="8"/>
76
 
<property name="separatorTopMargin" value="15"/>
77
 
<property name="shouldShadowParticipants" value="true"/>
78
 
<property name="slackMode" value="false"/>
79
 
<property name="spaceBeforeActivation" value="2"/>
80
 
<property name="spaceBeforeAnswerToSelf" value="10"/>
81
 
<property name="spaceBeforeConstruction" value="6"/>
82
 
<property name="spaceBeforeSelfMessage" value="7"/>
83
 
<property name="subLifelineWidth" value="6"/>
84
 
<property name="tc0" value="-1118482"/>
85
 
<property name="tc1" value="-256"/>
86
 
<property name="tc2" value="-65536"/>
87
 
<property name="tc3" value="-16776961"/>
88
 
<property name="tc4" value="-16711936"/>
89
 
<property name="tc5" value="-4144960"/>
90
 
<property name="tc6" value="-65281"/>
91
 
<property name="tc7" value="-14336"/>
92
 
<property name="tc8" value="-20561"/>
93
 
<property name="tc9" value="-12566464"/>
94
 
<property name="threadNumbersVisible" value="false"/>
95
 
<property name="threaded" value="true"/>
96
 
<property name="upperMargin" value="5"/>
97
 
<property name="verticallySplit" value="true"/>
98
 
</configuration>
99
 
</diagram>