Difference between revisions of "Keystone"
Line 10: | Line 10: | ||
'''Code''' | '''Code''' | ||
− | + | * [http://github.com/rackspace/keystone http://github.com/openstack/keystone] | |
'''Releases''' | '''Releases''' | ||
Line 19: | Line 19: | ||
* Essex (Keystone is part of [[OpenStack]] core for Essex) | * Essex (Keystone is part of [[OpenStack]] core for Essex) | ||
** Call for blueprints | ** Call for blueprints | ||
− | *** [[Keystone-Essex-BP-UserStructure|User structure]] | + | *** [[Keystone-Essex-BP-UserStructure|User structure]] ([https://blueprints.launchpad.net/keystone/+spec/essex-keystone-user-structure blueprint]) |
− | *** [[Keystone-Essex-BP-AuthZ|AuthZ structure]] | + | *** [[Keystone-Essex-BP-AuthZ|AuthZ structure]] ([https://blueprints.launchpad.net/keystone/+spec/essex-keystone-authz-structure blueprint]) |
Revision as of 14:24, 6 September 2011
What is Keystone?
Keystone is the identity service used by OpenStack for authentication (authN) and high-level authorization (authZ). It currently supports token-based authN and user-service authorization. It is scalable to include oAuth, SAML and openID in future versions. Out of the box, Keystone uses a SQLite DB as an identity store with the option to connect to external LDAP.
Doc
Code
Releases
- Diablo
- Core functionality (calls shared by all implementations)
- Extensions(calls that are specific to the implementation; ie: enabling company "ACME" user, role, and group structure)
- Essex (Keystone is part of OpenStack core for Essex)
- Call for blueprints