extracting credentials

Moves the credentials API into its own backend. LDAP was not going to be able to support credentials. Even with a custom schema, many people are using LDAP in read only mode, which means that they would not be able to use the credentials API at all. By splitting it out, we have a workable solution for both SQL and LDAP Identity backends. Drops the Foreign Key constraints off the Credentials table, as there is now no guaranttee that users are stored in the same backend. Blueprint extract-credentials-id Change-Id: I10ad4b36c6f03d1712621eaffcfefa48a5453aff
author: Adam Young <ayoung@redhat.com> 2013-05-06 14:09:07 -0400
committer: Adam Young <ayoung@redhat.com> 2013-05-17 11:08:54 -0400
commit: d95adc1ac82b34372cd037467d0f60200a6e0a72 (patch)
tree: baa82c30f85815e9623d0c1cd3eef6b6494e56b2 /etc
parent: 2e15fe428a2393f786852eb28c26bb9fee166bda (diff)
download: keystone-d95adc1ac82b34372cd037467d0f60200a6e0a72.tar.gz
keystone-d95adc1ac82b34372cd037467d0f60200a6e0a72.tar.xz
keystone-d95adc1ac82b34372cd037467d0f60200a6e0a72.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/keystone.conf.sample b/etc/keystone.conf.sample
index 5344cdf3..21d3a07b 100644
--- a/etc/keystone.conf.sample
+++ b/etc/keystone.conf.sample
@@ -91,6 +91,9 @@
 # exist to order to maintain support for your v2 clients.
 # default_domain_id = default
 
+[credential]
+# driver = keystone.credential.backends.sql.Credential
+
 [trust]
 # driver = keystone.trust.backends.sql.Trust
author	Adam Young <ayoung@redhat.com>	2013-05-06 14:09:07 -0400
committer	Adam Young <ayoung@redhat.com>	2013-05-17 11:08:54 -0400
commit	d95adc1ac82b34372cd037467d0f60200a6e0a72 (patch)
tree	baa82c30f85815e9623d0c1cd3eef6b6494e56b2 /etc
parent	2e15fe428a2393f786852eb28c26bb9fee166bda (diff)
download	keystone-d95adc1ac82b34372cd037467d0f60200a6e0a72.tar.gz keystone-d95adc1ac82b34372cd037467d0f60200a6e0a72.tar.xz keystone-d95adc1ac82b34372cd037467d0f60200a6e0a72.zip