diff options
Diffstat (limited to 'doc/source')
| -rw-r--r-- | doc/source/configuration.rst | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst index 0a2d9339..eb08a49c 100644 --- a/doc/source/configuration.rst +++ b/doc/source/configuration.rst @@ -79,6 +79,7 @@ following sections: * ``[signing]`` - cryptographic signatures for PKI based tokens * ``[ssl]`` - SSL configuration * ``[auth]`` - Authentication plugin configuration +* ``[os_inherit]`` - Inherited Role Assignment extension * ``[paste_deploy]`` - Pointer to the PasteDeploy configuration file The Keystone primary configuration file is expected to be named ``keystone.conf``. @@ -485,6 +486,17 @@ In addition to changing their password all of the users current tokens will be deleted (if the backend used is kvs or sql) +Inherited Role Assignment Extension +----------------------------------- + +Keystone provides an optional extension that adds the capability to assign roles to a domain that, rather than +affect the domain itself, are instead inherited to all projects owned by theat domain. This extension is disabled by +default, but can be enabled by including the following in ``keystone.conf``. + + [os_inherit] + enabled = True + + Sample Configuration Files -------------------------- |