diff options
| author | Derek Higgins <derekh@redhat.com> | 2012-07-05 22:15:48 +0100 |
|---|---|---|
| committer | Derek Higgins <derekh@redhat.com> | 2012-07-10 11:06:11 +0100 |
| commit | 4ab47ad224c422dcd96aa256740945d1e6a8a208 (patch) | |
| tree | 0d4c27ae82696ab68e3d830b12af5f1e26015e4f /doc/source | |
| parent | ec9c038ba28af4273aae81450249e3691a2c2cb6 (diff) | |
| download | keystone-4ab47ad224c422dcd96aa256740945d1e6a8a208.tar.gz keystone-4ab47ad224c422dcd96aa256740945d1e6a8a208.tar.xz keystone-4ab47ad224c422dcd96aa256740945d1e6a8a208.zip | |
Adding user password setting api call
Fixes bug 996922
This commit adds a user_crud module that can be used in the public wsgi
pipeline, currently the only operation included allows a user to update
their own password.
In order to change their password a user should make a HTTP PATCH to
/v2.0/OS-KSCRUD/users/<userid>
with the json data fomated like this
{"user": {"password": "DCBA", "original_password": "ABCD"}}
in addition to changing the users password, all current tokens
will be cleared (for token backends that support listing) and
a new token id will be returned.
Change-Id: I0cbdafbb29a5b6531ad192f240efb9379f0efd2d
Diffstat (limited to 'doc/source')
| -rw-r--r-- | doc/source/configuration.rst | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst index 415ee539..fbeab5e1 100644 --- a/doc/source/configuration.rst +++ b/doc/source/configuration.rst @@ -235,6 +235,30 @@ certificates:: * ``ca_certs``: Path to CA trust chain. * ``cert_required``: Requires client certificate. Defaults to False. +User CRUD +--------- + +Keystone provides a user CRUD filter that can be added to the public_api +pipeline. This user crud filter allows users to use a HTTP PATCH to change +their own password. To enable this extension you should define a +user_crud_extension filter, insert it after the ``*_body`` middleware +and before the ``public_service`` app in the public_api WSGI pipeline in +keystone.conf e.g.:: + + [filter:user_crud_extension] + paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory + + [pipeline:public_api] + pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service + +Each user can then change their own password with a HTTP PATCH :: + + > curl -X PATCH http://localhost:5000/v2.0/OS-KSCRUD/users/<userid> -H "Content-type: application/json" \ + -H "X_Auth_Token: <authtokenid>" -d '{"user": {"password": "ABCD", "original_password": "DCBA"}}' + +In addition to changing their password all of the users current tokens will be +deleted (if the backend used is kvs or sql) + Sample Configuration Files -------------------------- |