From 3b1cdf2ab31e47b020ffa9af36f9593290b043f8 Mon Sep 17 00:00:00 2001 From: Ramana Juvvadi Date: Tue, 10 May 2011 08:54:12 -0500 Subject: Modified the README --- README | 205 +++++++++++++++++++++++++++++++++++++++++++++ README.auth-server | 62 -------------- README.md | 163 ----------------------------------- etc/keystone.conf | 4 +- test/unit/test_identity.py | 1 - 5 files changed, 208 insertions(+), 227 deletions(-) create mode 100644 README delete mode 100644 README.auth-server delete mode 100644 README.md diff --git a/README b/README new file mode 100644 index 00000000..210e0518 --- /dev/null +++ b/README @@ -0,0 +1,205 @@ +Keystone: Identity Service +========================== + +Keystone is a proposed independent authentication service for [OpenStack](http://www.openstack.org). + +This initial proof of concept aims to address the current use cases in Swift and Nova which are: + +* REST-based, token auth for Swift +* many-to-many relationship between identity and tenant for Nova. + + +SERVICES: +--------- + +* Keystone - authentication service +* Auth_Token - WSGI middleware that can be used to handle token auth protocol (WSGI or remote proxy) +* Echo - A sample service that responds by returning call details + +Also included: + +* Auth_Basic - Stub for WSGI middleware that will be used to handle basic auth +* Auth_OpenID - Stub for WSGI middleware that will be used to handle openid auth protocol +* RemoteAuth - WSGI middleware that can be used in services (like Swift, Nova, and Glance) when Auth middleware is running remotely + + +DEPENDENCIES: +------------- + +* bottle +* eventlet +* lxml +* Paste +* PasteDeploy +* PasteScript +* SQLAlchemy +* SQLite3 +* webob + + +SETUP: +------ + +Install http://pypi.python.org/pypi/setuptools + + sudo easy_install bottle + sudo easy_install eventlet + sudo easy_install lxml + sudo easy_install paste + sudo easy_install pastedeploy + sudo easy_install pastescript + sudo easy_install pysqlite + sudo easy_install sqlalchemy + sudo easy_install webob + +Or using pip: + + sudo pip install -r pip-requires + + +RUNNING KEYSTONE: +----------------- + +From the topdir + + $ bin/keystone-control --config-file etc/keystone.conf --pid-file=pidfile auth + +The "start" command invokes bin/keystone-auth. During development you can also run + + $ bin/keystone-auth etc/keystone.conf + + + +RUNNING TEST SERVICE: +--------------------- + + Standalone stack (with Auth_Token) + $ cd echo/echo + $ python echo.py + + Distributed stack (with RemoteAuth local and Auth_Token remote) + $ cd echo/echo + $ python echo.py --remote + + in separate session + $ cd keystone/auth_protocols + $ python auth_token.py --remote + +DEMO CLIENT: +--------------------- + $ cd echo/echo + $ python echo_client.py + + +INSTALLING KEYSTONE: +-------------------- + + $ python setup.py build + $ sudo python setup.py install + + +INSTALLING TEST SERVICE: +------------------------ + + $ cd echo + $ python setup.py build + $ sudo python setup.py install + + +TESTING +------- + +After starting identity.py a keystone.db sql-lite database should be created. + +To test setup the test database: + + $ sqlite3 keystone/keystone.db < test/test_setup.sql + +To clean the test database + + $ sqlite3 keystone/keystone.db < test/kill.sql + +To run unit tests: + + $ python test/unit/test_identity.py + +To run client demo (with all auth middleware running locally on sample service): + + $ python echo/echo/echo.py + $ python echo/echo/echo_client.py + + +To perform contract validation and load testing, use SoapUI (for now). + +Using SOAPUI: + +Download [SOAPUI](http://sourceforge.net/projects/soapui/files/): + +To Test Identity Service: + +* File->Import Project +* Select tests/IdentitySOAPUI.xml +* Double click on "Keystone Tests" and press the green play (>) button + + +Unit Test on Identity Services +------------------------------ +In order to run the unit test on identity services start the auth sever + + $ cd test/unit + $ ../../bin/keystone-control --config-file ../..etc/keystone.conf --pid-file=pidfile auth start + +Once the Identity service is running, go to unit test/unit directory + + $ python test_identity.py + +You can run a sbuset of tests the following way + $ grep class test_identity.py + +You get something like + + +class identity_test(unittest.TestCase): +class authorize_test(identity_test): +class validate_token(authorize_test): +class tenant_test(unittest.TestCase): +class create_tenant_test(tenant_test): +class get_tenants_test(tenant_test): +class get_tenant_test(tenant_test): +class update_tenant_test(tenant_test): +class delete_tenant_test(tenant_test): +class tenant_group_test(unittest.TestCase): +class create_tenant_group_test(tenant_group_test): +class get_tenant_groups_test(tenant_group_test): +class get_tenant_group_test(tenant_group_test): +class update_tenant_group_test(tenant_group_test): +class delete_tenant_group_test(tenant_test): +class global_group_test(unittest.TestCase): +class create_global_group_test(global_group_test): +class create_tenant_group_test(tenant_group_test): + +You can choose any class you like to test + + $ python test_identity.py delete_tenant_test + +For more on unit testing please refer + + $ python test_identity --help + + + +DATABASE SCHEMA +--------------- + + CREATE TABLE groups(group_id varchar(255),group_desc varchar(255),tenant_id varchar(255),FOREIGN KEY(tenant_id) REFERENCES tenant(tenant_id)); + CREATE TABLE tenants(tenant_id varchar(255), tenant_desc varchar(255), tenant_enabled INTEGER, PRIMARY KEY(tenant_id ASC)); + CREATE TABLE token(token_id varchar(255),user_id varchar(255),expires datetime,tenant_id varchar(255)); + CREATE TABLE user_group(user_id varchar(255),group_id varchar(255), FOREIGN KEY(user_id) REFERENCES user(id), FOREIGN KEY(group_id) REFERENCES groups(group_id)); + CREATE TABLE user_tenant(tenant_id varchar(255),user_id varchar(255),FOREIGN KEY(tenant_id) REFERENCES tenant(tenant_id),FOREIGN KEY(user_id) REFERENCES user(id)); + CREATE TABLE users(id varchar(255),password varchar(255),email varchar(255),enabled integer); + + + + + + diff --git a/README.auth-server b/README.auth-server deleted file mode 100644 index dbe7d66a..00000000 --- a/README.auth-server +++ /dev/null @@ -1,62 +0,0 @@ -Auth Server is the Keystone which replace bottle totally with -eventlet. A copy of the template classes in bottle is copied and -placed is common is template.py. This needs to be replaced with a -perhaps moe widely used templating module. - -In addition, daemonization code is copied from glance project and added. - - -Starting and Stopping Auth Server ---------------------------------- - -From the topdir - -bin/keystone-control --config-file etc/keystone.conf --pid-file=pidfile auth - -The "start" command invokes bin/keystone-auth. During development you can also run - -bin/keystone-auth etc/keystone.conf - - -The first time you run keystone-auth, a sqlite database keystone.db is created in keystone directory. After it is created run - -sqlite3 keystone/keystone.db < test/test_setup.sql - - -Running the Tests ------------------ - -cd test/unit - -grep class test_identity.py lists all the tests in the file - -Right now you get - - -class identity_test(unittest.TestCase): -class authorize_test(identity_test): -class validate_token(authorize_test): -class tenant_test(unittest.TestCase): -class create_tenant_test(tenant_test): -class get_tenants_test(tenant_test): -class get_tenant_test(tenant_test): -class update_tenant_test(tenant_test): -class delete_tenant_test(tenant_test): -class tenant_group_test(unittest.TestCase): -class create_tenant_group_test(tenant_group_test): -class get_tenant_groups_test(tenant_group_test): -class get_tenant_group_test(tenant_group_test): -class update_tenant_group_test(tenant_group_test): -class delete_tenant_group_test(tenant_test): -class global_group_test(unittest.TestCase): -class create_global_group_test(global_group_test): -class create_tenant_group_test(tenant_group_test): - - -You can run all of the tests with - -python test_identity.py - -You can run any subset of the test by giving the class name e.g. - -python test_identity.py delete_tenant_test \ No newline at end of file diff --git a/README.md b/README.md deleted file mode 100644 index fa925ac4..00000000 --- a/README.md +++ /dev/null @@ -1,163 +0,0 @@ -Keystone: Identity Service -========================== - -Keystone is a proposed independent authentication service for [OpenStack](http://www.openstack.org). - -This initial proof of concept aims to address the current use cases in Swift and Nova which are: - -* REST-based, token auth for Swift -* many-to-many relationship between identity and tenant for Nova. - - -SERVICES: ---------- - -* Keystone - authentication service -* Auth_Token - WSGI middleware that can be used to handle token auth protocol (WSGI or remote proxy) -* Echo - A sample service that responds by returning call details - -Also included: - -* Auth_Basic - Stub for WSGI middleware that will be used to handle basic auth -* Auth_OpenID - Stub for WSGI middleware that will be used to handle openid auth protocol -* RemoteAuth - WSGI middleware that can be used in services (like Swift, Nova, and Glance) when Auth middleware is running remotely - - -DEPENDENCIES: -------------- - -* bottle -* eventlet -* lxml -* Paste -* PasteDeploy -* PasteScript -* SQLAlchemy -* SQLite3 -* webob - - -SETUP: ------- - -Install http://pypi.python.org/pypi/setuptools - - sudo easy_install bottle - sudo easy_install eventlet - sudo easy_install lxml - sudo easy_install paste - sudo easy_install pastedeploy - sudo easy_install pastescript - sudo easy_install pysqlite - sudo easy_install sqlalchemy - sudo easy_install webob - -Or using pip: - - sudo pip install -r pip-requires - - -RUNNING KEYSTONE: ------------------ - - $ cd keystone - $ python identity.py - - -RUNNING TEST SERVICE: ---------------------- - - Standalone stack (with Auth_Token) - $ cd echo/echo - $ python echo.py - - Distributed stack (with RemoteAuth local and Auth_Token remote) - $ cd echo/echo - $ python echo.py --remote - - in separate session - $ cd keystone/auth_protocols - $ python auth_token.py --remote - -DEMO CLIENT: ---------------------- - $ cd echo/echo - $ python echo_client.py - - -INSTALLING KEYSTONE: --------------------- - - $ python setup.py build - $ sudo python setup.py install - - -INSTALLING TEST SERVICE: ------------------------- - - $ cd echo - $ python setup.py build - $ sudo python setup.py install - - -TESTING -------- - -After starting identity.py a keystone.db sql-lite database should be created. - -To test setup the test database: - - $ sqlite3 keystone/keystone.db < test/test_setup.sql - -To clean the test database - - $ sqlite3 keystone/keystone.db < test/kill.sql - -To run unit tests: - - $ python test/unit/test_identity.py - -To run client demo (with all auth middleware running locally on sample service): - - $ python echo/echo/echo.py - $ python echo/echo/echo_client.py - - -To perform contract validation and load testing, use SoapUI (for now). - -Using SOAPUI: - -Download [SOAPUI](http://sourceforge.net/projects/soapui/files/): - -To Test Identity Service: - -* File->Import Project -* Select tests/IdentitySOAPUI.xml -* Double click on "Keystone Tests" and press the green play (>) button - - -Unit Test on Identity Services ------------------------------- -In order to run the unit test on identity services, run from the keystone directory - - python identity.py - -Once the Identity service is running, go to unit test/unit directory - - python test_identity.py - -For more on unit testing please refer - - python test_identity --help - - - -DATABASE SCHEMA ---------------- - - CREATE TABLE groups(group_id varchar(255),group_desc varchar(255),tenant_id varchar(255),FOREIGN KEY(tenant_id) REFERENCES tenant(tenant_id)); - CREATE TABLE tenants(tenant_id varchar(255), tenant_desc varchar(255), tenant_enabled INTEGER, PRIMARY KEY(tenant_id ASC)); - CREATE TABLE token(token_id varchar(255),user_id varchar(255),expires datetime,tenant_id varchar(255)); - CREATE TABLE user_group(user_id varchar(255),group_id varchar(255), FOREIGN KEY(user_id) REFERENCES user(id), FOREIGN KEY(group_id) REFERENCES groups(group_id)); - CREATE TABLE user_tenant(tenant_id varchar(255),user_id varchar(255),FOREIGN KEY(tenant_id) REFERENCES tenant(tenant_id),FOREIGN KEY(user_id) REFERENCES user(id)); - CREATE TABLE users(id varchar(255),password varchar(255),email varchar(255),enabled integer); diff --git a/etc/keystone.conf b/etc/keystone.conf index c85fd25a..f38d7df5 100644 --- a/etc/keystone.conf +++ b/etc/keystone.conf @@ -27,5 +27,7 @@ registry_port = 9191 # Log to this file. Make sure you do not set the same log # file for both the API and registry servers! - +# +#log_file = /var/log/keystone.log +log_file = keystone.log diff --git a/test/unit/test_identity.py b/test/unit/test_identity.py index e6079366..09170a79 100644 --- a/test/unit/test_identity.py +++ b/test/unit/test_identity.py @@ -1954,7 +1954,6 @@ class create_tenant_group_test(tenant_group_test): respG, contentG = create_tenant_group_xml('test_tenant_group', \ "test_tenant", str(self.auth_token)) - print contentG self.tenant = 'test_tenant' self.tenant_group = 'test_tenant_group' content = etree.fromstring(content) -- cgit