From f4bd41bc125d625b23ccbec557dbd57af097a5bf Mon Sep 17 00:00:00 2001
From: Yogeshwar Srikrishnan <yoga80@yahoo.com>
Date: Tue, 13 Sep 2011 16:04:40 -0500
Subject: Docs,wadls,samples,initial code to support RAX-KSKEY and OS-KSEC2
 extensions. Removed tenant id from being part of endpoints.

Change-Id: Ie004a4a4352be14dceaf955e8944b89c00ceeadb
---
 keystone/content/admin/OS-KSADM-admin-devguide.pdf | Bin 247508 -> 269146 bytes
 keystone/content/admin/OS-KSADM-admin.wadl         |  29 ++--
 .../content/admin/OS-KSCATALOG-admin-devguide.pdf  | Bin 132729 -> 138372 bytes
 keystone/content/admin/OS-KSEC2-admin-devguide.pdf | Bin 0 -> 125310 bytes
 keystone/content/admin/OS-KSEC2-admin.wadl         | 185 +++++++++++++++++++++
 .../content/admin/RAX-KSKEY-admin-devguide.pdf     | Bin 0 -> 126498 bytes
 keystone/content/admin/RAX-KSKEY-admin.wadl        | 185 +++++++++++++++++++++
 keystone/content/admin/identityadminguide.pdf      | Bin 257315 -> 268472 bytes
 .../content/common/samples/apikeyCredentials.json  |   6 +
 .../content/common/samples/apikeyCredentials.xml   |   6 +
 keystone/content/common/samples/auth.json          |   6 +-
 keystone/content/common/samples/auth.xml           |   4 -
 keystone/content/common/samples/credentials.json   |   2 +-
 keystone/content/common/samples/credentials.xml    |   2 +-
 .../common/samples/credentialswithapikey.json      |  16 ++
 .../common/samples/credentialswithapikey.xml       |   9 +
 .../content/common/samples/credentialswithec2.json |  17 ++
 .../content/common/samples/credentialswithec2.xml  |   7 +
 .../content/common/samples/ec2Credentials.json     |   7 +
 keystone/content/common/samples/ec2Credentials.xml |   7 +
 .../content/service/OS-KSEC2-service-devguide.pdf  | Bin 93757 -> 93922 bytes
 .../content/service/RAX-KSGRP-service-devguide.pdf | Bin 94475 -> 97560 bytes
 .../content/service/RAX-KSKEY-service-devguide.pdf | Bin 94715 -> 94960 bytes
 .../contrib/extensions/admin/osec2/__init__.py     |   0
 .../contrib/extensions/admin/osec2/extension.json  |  16 ++
 .../contrib/extensions/admin/osec2/extension.xml   |  16 ++
 .../contrib/extensions/admin/osec2/frontend.py     |  99 +++++++++++
 .../contrib/extensions/admin/raxkey/__init__.py    |   0
 .../contrib/extensions/admin/raxkey/extension.json |  14 ++
 .../contrib/extensions/admin/raxkey/extension.xml  |  13 ++
 .../contrib/extensions/admin/raxkey/frontend.py    |  99 +++++++++++
 31 files changed, 720 insertions(+), 25 deletions(-)
 create mode 100644 keystone/content/admin/OS-KSEC2-admin-devguide.pdf
 create mode 100644 keystone/content/admin/OS-KSEC2-admin.wadl
 create mode 100644 keystone/content/admin/RAX-KSKEY-admin-devguide.pdf
 create mode 100644 keystone/content/admin/RAX-KSKEY-admin.wadl
 create mode 100644 keystone/content/common/samples/apikeyCredentials.json
 create mode 100644 keystone/content/common/samples/apikeyCredentials.xml
 create mode 100644 keystone/content/common/samples/credentialswithapikey.json
 create mode 100644 keystone/content/common/samples/credentialswithapikey.xml
 create mode 100644 keystone/content/common/samples/credentialswithec2.json
 create mode 100644 keystone/content/common/samples/credentialswithec2.xml
 create mode 100644 keystone/content/common/samples/ec2Credentials.json
 create mode 100644 keystone/content/common/samples/ec2Credentials.xml
 create mode 100644 keystone/contrib/extensions/admin/osec2/__init__.py
 create mode 100644 keystone/contrib/extensions/admin/osec2/extension.json
 create mode 100644 keystone/contrib/extensions/admin/osec2/extension.xml
 create mode 100644 keystone/contrib/extensions/admin/osec2/frontend.py
 create mode 100644 keystone/contrib/extensions/admin/raxkey/__init__.py
 create mode 100644 keystone/contrib/extensions/admin/raxkey/extension.json
 create mode 100644 keystone/contrib/extensions/admin/raxkey/extension.xml
 create mode 100644 keystone/contrib/extensions/admin/raxkey/frontend.py

diff --git a/keystone/content/admin/OS-KSADM-admin-devguide.pdf b/keystone/content/admin/OS-KSADM-admin-devguide.pdf
index dabd390c..945c590f 100644
Binary files a/keystone/content/admin/OS-KSADM-admin-devguide.pdf and b/keystone/content/admin/OS-KSADM-admin-devguide.pdf differ
diff --git a/keystone/content/admin/OS-KSADM-admin.wadl b/keystone/content/admin/OS-KSADM-admin.wadl
index d82ad2eb..3216f16e 100644
--- a/keystone/content/admin/OS-KSADM-admin.wadl
+++ b/keystone/content/admin/OS-KSADM-admin.wadl
@@ -64,7 +64,7 @@
                             <method href="#addUserCredential"/>
                             <method href="#listCredentials"/>
                             <resource id="userCredentialsByType" path="{credential-type}">
-                                <param name="credentialType" style="template" type="OS-KSADM:extensibleCredentialsType"/>
+                                <param name="credentialType" style="template" type="OS-KSADM:extensibleCredentialsType" required="true"/>
                                 <method href="#updateUserCredential"/>
                                 <method href="#deleteUserCredential"/>
                                 <method href="#getUserCredential"/>
@@ -84,21 +84,22 @@
                         <resource id="rolesForTenant" path="roles">
                             <method href="#listRolesForTenant"/>
                         </resource>
-    
-                        <resource id="usersForTenant" path="users">
-                            <method href="#listUsersForTenant"/>
-                            <method href="#listUsersWithRoleForTenant"/>
-                            <resource id="userForTenant" path="{userId}">
-                                <param name="userId" style="template" type="xsd:string"/>
-                                <resource id="userRolesForTenant" path="roles">
+                    </resource>        
+                    <resource id="usersForTenant" path="users">
+                        <method href="#listUsersForTenant"/>
+                        <method href="#listUsersWithRoleForTenant"/>
+                        <resource id="userForTenant" path="{userId}">
+                            <param name="userId" style="template" type="xsd:string"/>
+                            <resource id="userRolesForTenant" path="roles">
+                                <resource id="tenant-user-role-OS-KSADM" path="OS-KSADM">
                                     <resource id="userSpecificRoleForTenant" path="{roleId}">
                                         <method href="#addRolesToUserOnTenant"/>
                                         <method href="#deleteRoleFromUserOnTenant"/>
                                     </resource>
                                 </resource>
                             </resource>
-                       </resource>
-                    </resource>
+                        </resource>
+                   </resource>
                 </resource>
             </resource>
 
@@ -265,7 +266,7 @@
     </method>
     
     <method name="PUT" id="addRolesToUserOnTenant">
-        <doc xml:lang="EN" title="Add roles on a tenant.">
+        <doc xml:lang="EN" title="Add roles to a user on a tenant.">
             <p xmlns="http://www.w3.org/1999/xhtml">Adds a specific role to a user for a tenant.</p>
             <examples xmlns="http://docs.rackspace.com/api" title="Add role to a user for a Tenant Request ">
                 <example href="../common/samples/norequestbody.txt"/>
@@ -278,9 +279,9 @@
     </method>    
 
     <method name="DELETE" id="deleteRoleFromUserOnTenant">
-        <doc xml:lang="EN" title="Delete roles on tenant.">
+        <doc xml:lang="EN" title="Delete roles from a user on tenant.">
             <p xmlns="http://www.w3.org/1999/xhtml">Deletes a specific role from a user for a tenant.</p>
-            <examples xmlns="http://docs.rackspace.com/api" title="Delete Role From User For a Tenant Request">
+            <examples xmlns="http://docs.rackspace.com/api" title="Delete Role from User for a Tenant Request">
                 <example href="../common/samples/norequestbody.txt"/>
             </examples>
         </doc>
@@ -742,4 +743,4 @@
         &commonFaults;
         &getFaults;
     </method>
-</application>
\ No newline at end of file
+</application>
diff --git a/keystone/content/admin/OS-KSCATALOG-admin-devguide.pdf b/keystone/content/admin/OS-KSCATALOG-admin-devguide.pdf
index d2448e87..dd5b4d9c 100644
Binary files a/keystone/content/admin/OS-KSCATALOG-admin-devguide.pdf and b/keystone/content/admin/OS-KSCATALOG-admin-devguide.pdf differ
diff --git a/keystone/content/admin/OS-KSEC2-admin-devguide.pdf b/keystone/content/admin/OS-KSEC2-admin-devguide.pdf
new file mode 100644
index 00000000..c89f3a8e
Binary files /dev/null and b/keystone/content/admin/OS-KSEC2-admin-devguide.pdf differ
diff --git a/keystone/content/admin/OS-KSEC2-admin.wadl b/keystone/content/admin/OS-KSEC2-admin.wadl
new file mode 100644
index 00000000..9aaadc4e
--- /dev/null
+++ b/keystone/content/admin/OS-KSEC2-admin.wadl
@@ -0,0 +1,185 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- (C) 2011 OpenStack LLC., All Rights Reserved -->
+<!--*******************************************************-->
+<!--         Import Common XML Entities                    -->
+<!--                                                       -->
+<!--     You can resolve the entites with xmllint          -->
+<!--                                                       -->
+<!--        xmllint -noent OS-KSEC2-admin.wadl             -->
+<!--*******************************************************-->
+<!DOCTYPE application [
+<!ENTITY % common  SYSTEM "../common/common.ent">
+%common;
+]>
+
+<application xmlns="http://wadl.dev.java.net/2009/02"
+	xmlns:identity="http://docs.openstack.org/identity/api/v2.0"
+	xmlns:OS-KSADM="http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0"	
+	xmlns:capi="http://docs.openstack.org/common/api/v2.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+	xsi:schemaLocation="http://docs.openstack.org/identity/api/v2.0 ../common/xsd/api.xsd
+		http://docs.openstack.org/common/api/v1.0 ../common/xsd/api-common.xsd
+		http://wadl.dev.java.net/2009/02 http://www.w3.org/Submission/wadl/wadl.xsd
+		http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0 ../common/xsd/OS-KSADM.xsd
+		">
+
+    <grammars>
+        <include href="../common/xsd/api.xsd"/>
+        <include href="../common/xsd/api-common.xsd"/>
+        <include href="../common/xsd/OS-KSADM.xsd" />
+    </grammars>
+    <!--*******************************************************-->
+    <!--             All Resoruces                             -->
+    <!--*******************************************************-->
+
+    <!-- We should use SSL in production -->
+    <resources base="http://localhost:5001">
+        <resource id="version" path="v2.0">
+            <param name="X-Auth-Token" style="header" type="xsd:string" required="true">
+                <doc>You need a valid admin token for access.</doc>
+            </param>            
+            <resource id="users" path="users">
+                <resource id="userById" path="{userId}">
+                        <resource id="userCredentials" path="credentials">
+                            <method href="#addUserCredential"/>
+                            <method href="#listCredentials"/>
+                            <resource id="userCredentialsByType" path="OS-KSEC2:ec2Credentials">
+                                <method href="#updateUserCredential"/>
+                                <method href="#deleteUserCredential"/>
+                                <method href="#getUserCredential"/>
+                            </resource>
+                        </resource>
+                    </resource>
+                </resource>
+            </resource>
+    </resources>
+
+    <!--*******************************************************-->
+    <!--               All Methods                             -->
+    <!--*******************************************************-->
+
+    
+    
+    <!-- User Credentials-->
+    <method name="POST" id="addUserCredential">
+        <doc xml:lang="EN" title="Add user Credential.">
+            <p xmlns="http://www.w3.org/1999/xhtml">Adds a credential to a user.</p>
+            <examples xmlns="http://docs.rackspace.com/api" title="Add Credentials Request">
+                <example href="../common/samples/ec2Credentials.xml" language="xml"/>
+                <example href="../common/samples/ec2Credentials.json" language="javascript"/>
+            </examples>            
+            
+            <examples xmlns="http://docs.rackspace.com/api" title="Add Credential Response">
+                <example href="../common/samples/ec2Credentials.xml" language="xml"/>
+                <example href="../common/samples/ec2Credentials.json" language="javascript"/>
+            </examples>            
+        </doc>
+        <request>
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </request>
+        <response status="201">
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </response>
+        &commonFaults;
+        &postPutFaults;
+        &getFaults;
+    </method>
+
+    <method name="GET" id="listCredentials">
+        <doc xml:lang="EN" title="List Credentials">
+            <p xmlns="http://www.w3.org/1999/xhtml">List credentials.</p>
+            <examples xmlns="http://docs.rackspace.com/api" title="List Credentials Response">
+                <example href="../common/samples/credentialswithec2.xml" language="xml"/>
+                <example href="../common/samples/credentialswithec2.json" language="javascript"/>
+            </examples>            
+        </doc>
+        <request>
+            <param name="marker" style="query" required="false" type="xsd:string"/>
+            <param name="limit" style="query" required="false" type="xsd:int"/>
+        </request>
+        <response status="200 203">
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </response>
+        &commonFaults;
+        &getFaults;
+    </method>
+    
+    <method name="GET" id="listCredentialsByType">
+        <doc xml:lang="EN" title="List Credentials by type">
+            <p xmlns="http://www.w3.org/1999/xhtml">List credentials by type.</p>
+            <examples xmlns="http://docs.rackspace.com/api" title="List Credentials Response">
+                <example href="../common/samples/credentials.xml" language="xml"/>
+                <example href="../common/samples/credentials.json" language="javascript"/>
+            </examples>            
+        </doc>
+        <request>
+            <param name="marker" style="query" required="false" type="xsd:string"/>
+            <param name="limit" style="query" required="false" type="xsd:int"/>
+        </request>
+        <response status="200 203">
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </response>
+        &commonFaults;
+        &getFaults;
+    </method>    
+
+    <method name="POST" id="updateUserCredential">
+        <doc xml:lang="EN" title="Update user credential">
+            <p xmlns="http://www.w3.org/1999/xhtml">Update credentials.</p>
+            <examples xmlns="http://docs.rackspace.com/api" title="Update Credential Request">
+                <example href="../common/samples/apikeyCredentials.xml" language="xml"/>
+                <example href="../common/samples/apikeyCredentials.json" language="javascript"/>
+            </examples>            
+            
+            <examples xmlns="http://docs.rackspace.com/api" title="Update Credential Response">
+                <example href="../common/samples/ec2Credentials.xml" language="xml"/>
+                <example href="../common/samples/ec2Credentials.json" language="javascript"/>
+            </examples>            
+        </doc>
+        <request>
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </request>
+        <response status="200">
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </response>
+        &commonFaults;
+        &postPutFaults;
+        &getFaults;
+    </method>
+    
+    <method name="POST" id="deleteUserCredential">
+        <doc xml:lang="EN" title="Delete user credential">
+            <p xmlns="http://www.w3.org/1999/xhtml">Delete User credentials.</p>
+            <examples xmlns="http://docs.rackspace.com/api" title="Delete User Credentials">
+                <example href="../common/samples/norequestbody.txt"/>
+            </examples>
+        </doc>
+        <response status="204"/>
+        &commonFaults;
+        &postPutFaults;
+        &getFaults;
+    </method>
+    
+    <method name="GET" id="getUserCredential">
+        <doc xml:lang="EN" title="Get user Credentials">
+            <p xmlns="http://www.w3.org/1999/xhtml">Get user credentials.</p>
+            <examples xmlns="http://docs.rackspace.com/api" title="Get User Credential Response">
+                <example href="../common/samples/ec2Credentials.xml" language="xml"/>
+                <example href="../common/samples/ec2Credentials.json" language="javascript"/>
+            </examples>            
+        </doc>
+        <response status="200 203">
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </response>
+        &commonFaults;
+        &getFaults;
+    </method>
+</application>
diff --git a/keystone/content/admin/RAX-KSKEY-admin-devguide.pdf b/keystone/content/admin/RAX-KSKEY-admin-devguide.pdf
new file mode 100644
index 00000000..3cc56e98
Binary files /dev/null and b/keystone/content/admin/RAX-KSKEY-admin-devguide.pdf differ
diff --git a/keystone/content/admin/RAX-KSKEY-admin.wadl b/keystone/content/admin/RAX-KSKEY-admin.wadl
new file mode 100644
index 00000000..c48d39de
--- /dev/null
+++ b/keystone/content/admin/RAX-KSKEY-admin.wadl
@@ -0,0 +1,185 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- (C) 2011 OpenStack LLC., All Rights Reserved -->
+<!--*******************************************************-->
+<!--         Import Common XML Entities                    -->
+<!--                                                       -->
+<!--     You can resolve the entites with xmllint          -->
+<!--                                                       -->
+<!--        xmllint -noent RAX-KSKEY-admin.wadl             -->
+<!--*******************************************************-->
+<!DOCTYPE application [
+<!ENTITY % common  SYSTEM "../common/common.ent">
+%common;
+]>
+
+<application xmlns="http://wadl.dev.java.net/2009/02"
+	xmlns:identity="http://docs.openstack.org/identity/api/v2.0"
+	xmlns:OS-KSADM="http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0"	
+	xmlns:capi="http://docs.openstack.org/common/api/v2.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+	xsi:schemaLocation="http://docs.openstack.org/identity/api/v2.0 ../common/xsd/api.xsd
+		http://docs.openstack.org/common/api/v1.0 ../common/xsd/api-common.xsd
+		http://wadl.dev.java.net/2009/02 http://www.w3.org/Submission/wadl/wadl.xsd
+		http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0 ../common/xsd/OS-KSADM.xsd
+		">
+
+    <grammars>
+        <include href="../common/xsd/api.xsd"/>
+        <include href="../common/xsd/api-common.xsd"/>
+        <include href="../common/xsd/OS-KSADM.xsd" />
+    </grammars>
+    <!--*******************************************************-->
+    <!--             All Resoruces                             -->
+    <!--*******************************************************-->
+
+    <!-- We should use SSL in production -->
+    <resources base="http://localhost:5001">
+        <resource id="version" path="v2.0">
+            <param name="X-Auth-Token" style="header" type="xsd:string" required="true">
+                <doc>You need a valid admin token for access.</doc>
+            </param>            
+            <resource id="users" path="users">
+                <resource id="userById" path="{userId}">
+                        <resource id="userCredentials" path="credentials">
+                            <method href="#addUserCredential"/>
+                            <method href="#listCredentials"/>
+                            <resource id="userCredentialsByType" path="RAX-KSKEY:apikeyCredentials">
+                                <method href="#updateUserCredential"/>
+                                <method href="#deleteUserCredential"/>
+                                <method href="#getUserCredential"/>
+                            </resource>
+                        </resource>
+                    </resource>
+                </resource>
+            </resource>
+    </resources>
+
+    <!--*******************************************************-->
+    <!--               All Methods                             -->
+    <!--*******************************************************-->
+
+    
+    
+    <!-- User Credentials-->
+    <method name="POST" id="addUserCredential">
+        <doc xml:lang="EN" title="Add user Credential.">
+            <p xmlns="http://www.w3.org/1999/xhtml">Adds a credential to a user.</p>
+            <examples xmlns="http://docs.rackspace.com/api" title="Add Credentials Request">
+                <example href="../common/samples/apikeyCredentials.xml" language="xml"/>
+                <example href="../common/samples/apikeyCredentials.json" language="javascript"/>
+            </examples>            
+            
+            <examples xmlns="http://docs.rackspace.com/api" title="Add Credential Response">
+                <example href="../common/samples/apikeyCredentials.xml" language="xml"/>
+                <example href="../common/samples/apikeyCredentials.json" language="javascript"/>
+            </examples>            
+        </doc>
+        <request>
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </request>
+        <response status="201">
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </response>
+        &commonFaults;
+        &postPutFaults;
+        &getFaults;
+    </method>
+
+    <method name="GET" id="listCredentials">
+        <doc xml:lang="EN" title="List Credentials">
+            <p xmlns="http://www.w3.org/1999/xhtml">List credentials.</p>
+            <examples xmlns="http://docs.rackspace.com/api" title="List Credentials Response">
+                <example href="../common/samples/credentialswithapikey.xml" language="xml"/>
+                <example href="../common/samples/credentialswithapikey.json" language="javascript"/>
+            </examples>            
+        </doc>
+        <request>
+            <param name="marker" style="query" required="false" type="xsd:string"/>
+            <param name="limit" style="query" required="false" type="xsd:int"/>
+        </request>
+        <response status="200 203">
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </response>
+        &commonFaults;
+        &getFaults;
+    </method>
+    
+    <method name="GET" id="listCredentialsByType">
+        <doc xml:lang="EN" title="List Credentials by type">
+            <p xmlns="http://www.w3.org/1999/xhtml">List credentials by type.</p>
+            <examples xmlns="http://docs.rackspace.com/api" title="List Credentials Response">
+                <example href="../common/samples/credentials.xml" language="xml"/>
+                <example href="../common/samples/credentials.json" language="javascript"/>
+            </examples>            
+        </doc>
+        <request>
+            <param name="marker" style="query" required="false" type="xsd:string"/>
+            <param name="limit" style="query" required="false" type="xsd:int"/>
+        </request>
+        <response status="200 203">
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </response>
+        &commonFaults;
+        &getFaults;
+    </method>    
+
+    <method name="POST" id="updateUserCredential">
+        <doc xml:lang="EN" title="Update user credential">
+            <p xmlns="http://www.w3.org/1999/xhtml">Update credentials.</p>
+            <examples xmlns="http://docs.rackspace.com/api" title="Update Credential Request">
+                <example href="../common/samples/apikeyCredentials.xml" language="xml"/>
+                <example href="../common/samples/apikeyCredentials.json" language="javascript"/>
+            </examples>            
+            
+            <examples xmlns="http://docs.rackspace.com/api" title="Update Credential Response">
+                <example href="../common/samples/apikeyCredentials.xml" language="xml"/>
+                <example href="../common/samples/apikeyCredentials.json" language="javascript"/>
+            </examples>            
+        </doc>
+        <request>
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </request>
+        <response status="200">
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </response>
+        &commonFaults;
+        &postPutFaults;
+        &getFaults;
+    </method>
+    
+    <method name="POST" id="deleteUserCredential">
+        <doc xml:lang="EN" title="Delete user credential">
+            <p xmlns="http://www.w3.org/1999/xhtml">Delete User credentials.</p>
+            <examples xmlns="http://docs.rackspace.com/api" title="Delete User Credentials">
+                <example href="../common/samples/norequestbody.txt"/>
+            </examples>
+        </doc>
+        <response status="204"/>
+        &commonFaults;
+        &postPutFaults;
+        &getFaults;
+    </method>
+    
+    <method name="GET" id="getUserCredential">
+        <doc xml:lang="EN" title="Get user Credentials">
+            <p xmlns="http://www.w3.org/1999/xhtml">Get user credentials.</p>
+            <examples xmlns="http://docs.rackspace.com/api" title="Get User Credential Response">
+                <example href="../common/samples/apikeyCredentials.xml" language="xml"/>
+                <example href="../common/samples/apikeyCredentials.json" language="javascript"/>
+            </examples>            
+        </doc>
+        <response status="200 203">
+            <representation mediaType="application/xml" element="identity:credentials"/>
+            <representation mediaType="application/json"/>
+        </response>
+        &commonFaults;
+        &getFaults;
+    </method>
+</application>
diff --git a/keystone/content/admin/identityadminguide.pdf b/keystone/content/admin/identityadminguide.pdf
index 40e47a32..112ac50b 100644
Binary files a/keystone/content/admin/identityadminguide.pdf and b/keystone/content/admin/identityadminguide.pdf differ
diff --git a/keystone/content/common/samples/apikeyCredentials.json b/keystone/content/common/samples/apikeyCredentials.json
new file mode 100644
index 00000000..2312907c
--- /dev/null
+++ b/keystone/content/common/samples/apikeyCredentials.json
@@ -0,0 +1,6 @@
+{
+    "RAX-KSKEY:apikeyCredentials":{
+        "username":"test_user",
+        "apikey":"aaaaa-bbbbb-ccccc-12345678"
+    }
+}
diff --git a/keystone/content/common/samples/apikeyCredentials.xml b/keystone/content/common/samples/apikeyCredentials.xml
new file mode 100644
index 00000000..d3ba87bd
--- /dev/null
+++ b/keystone/content/common/samples/apikeyCredentials.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<apikeyCredentials
+	xmlns="http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0"
+	username="testuser"
+	apikey="aaaaa-bbbbb-ccccc-12345678"/>
+
diff --git a/keystone/content/common/samples/auth.json b/keystone/content/common/samples/auth.json
index f63e7b5d..f8e2f472 100644
--- a/keystone/content/common/samples/auth.json
+++ b/keystone/content/common/samples/auth.json
@@ -20,7 +20,6 @@
                         "publicURL":"https://compute.north.host/v1/1234",
                         "internalURL":"https://compute.north.host/v1/1234",
                         "region":"North",
-                        "tenantId":"1234",
                         "versionId":"1.0",
                         "versionInfo":"https://compute.north.host/v1.0/",
                         "versionList":"https://compute.north.host/"
@@ -29,7 +28,6 @@
                         "publicURL":"https://compute.north.host/v1.1/3456",
                         "internalURL":"https://compute.north.host/v1.1/3456",
                         "region":"North",
-                        "tenantId":"3456",
                         "versionId":"1.1",
                         "versionInfo":"https://compute.north.host/v1.1/",
                         "versionList":"https://compute.north.host/"
@@ -44,7 +42,6 @@
                         "publicURL":"https://compute.north.host/v1/blah-blah",
                         "internalURL":"https://compute.north.host/v1/blah-blah",
                         "region":"South",
-                        "tenantId":"1234",
                         "versionId":"1.0",
                         "versionInfo":"uri",
                         "versionList":"uri"
@@ -53,7 +50,6 @@
                         "publicURL":"https://compute.north.host/v1.1/blah-blah",
                         "internalURL":"https://compute.north.host/v1.1/blah-blah",
                         "region":"South",
-                        "tenantId":"1234",
                         "versionId":"1.1",
                         "versionInfo":"https://compute.north.host/v1.1/",
                         "versionList":"https://compute.north.host/"
@@ -72,4 +68,4 @@
             }
         ]
     }
-}
\ No newline at end of file
+}
diff --git a/keystone/content/common/samples/auth.xml b/keystone/content/common/samples/auth.xml
index 5d89a8f2..ffc42634 100644
--- a/keystone/content/common/samples/auth.xml
+++ b/keystone/content/common/samples/auth.xml
@@ -1,6 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <access xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-xsi:schemaLocation="http://docs.openstack.org/identity/api/v2.0 ../xsd/api.xsd"
 xmlns="http://docs.openstack.org/identity/api/v2.0">
 	<token expires="2010-11-01T03:32:15-05:00"
 	id="ab48a9efdfedb23ty3494"/>
@@ -13,7 +12,6 @@ xmlns="http://docs.openstack.org/identity/api/v2.0">
 		<service type="compute" name="Computers in the Cloud">
 			<endpoint
 			region="North"
-			tenantId="1234"
 			publicURL="https://north.compute.public.com/v2.0/1234"
 			internalURL="https://north.compute.internal.com/v2.0/1234">
 				<version
@@ -35,7 +33,6 @@ xmlns="http://docs.openstack.org/identity/api/v2.0">
 		<service type="object-store" name="HTTP Object Store">
 			<endpoint
 			region="North"
-			tenantId="1234"
 			publicURL="https://north.object-store.public.com/v1/1234"
 			internalURL="https://north.object-store.internal.com/v1/1234">
 				<version
@@ -45,7 +42,6 @@ xmlns="http://docs.openstack.org/identity/api/v2.0">
 			</endpoint>
 			<endpoint
 			region="South"
-			tenantId="1234"
 			publicURL="https://south.object-store.public.com/v2.0/3456"
 			internalURL="https://south.object-store.internal.com/v2.0/3456">
 				<version
diff --git a/keystone/content/common/samples/credentials.json b/keystone/content/common/samples/credentials.json
index 9a6028c0..07e9c371 100644
--- a/keystone/content/common/samples/credentials.json
+++ b/keystone/content/common/samples/credentials.json
@@ -7,4 +7,4 @@
         }
     ],
     "credentials_links":[]
-}
\ No newline at end of file
+}
diff --git a/keystone/content/common/samples/credentials.xml b/keystone/content/common/samples/credentials.xml
index 1d6a7cb1..8efa9f2e 100644
--- a/keystone/content/common/samples/credentials.xml
+++ b/keystone/content/common/samples/credentials.xml
@@ -2,4 +2,4 @@
 <credentials xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xmlns="http://docs.openstack.org/identity/api/v2.0">
     <passwordCredentials username="test_user" password="test"/>
-</credentials>
\ No newline at end of file
+</credentials>
diff --git a/keystone/content/common/samples/credentialswithapikey.json b/keystone/content/common/samples/credentialswithapikey.json
new file mode 100644
index 00000000..c0c494c1
--- /dev/null
+++ b/keystone/content/common/samples/credentialswithapikey.json
@@ -0,0 +1,16 @@
+{
+    "credentials":[{
+            "passwordCredentials":{
+                "username":"test_user",
+                "password":"mypass"
+            }
+        },
+        {
+            "RAX-KSKEY:apikeyCredentials":{
+                "username":"test_user",
+                "apikey":"aaaaa-bbbbb-ccccc-12345678"
+            }
+        }
+    ],
+    "credentials_links":[]
+}
diff --git a/keystone/content/common/samples/credentialswithapikey.xml b/keystone/content/common/samples/credentialswithapikey.xml
new file mode 100644
index 00000000..2074629d
--- /dev/null
+++ b/keystone/content/common/samples/credentialswithapikey.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<credentials xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xmlns="http://docs.openstack.org/identity/api/v2.0">
+    <passwordCredentials username="test_user" password="test"/>
+    <apikeyCredentials
+	xmlns="http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0"
+	username="testuser"
+	apikey="aaaaa-bbbbb-ccccc-12345678"/>
+</credentials>
diff --git a/keystone/content/common/samples/credentialswithec2.json b/keystone/content/common/samples/credentialswithec2.json
new file mode 100644
index 00000000..f0a28eda
--- /dev/null
+++ b/keystone/content/common/samples/credentialswithec2.json
@@ -0,0 +1,17 @@
+{
+    "credentials":[{
+            "passwordCredentials":{
+                "username":"test_user",
+                "password":"mypass"
+            }
+        },
+        {
+            "OS-KSEC2-ec2Credentials":{
+                "username":"test_user",
+                "secret":"aaaaa",
+                "signature":"bbb"
+            }
+        }
+    ],
+    "credentials_links":[]
+}
diff --git a/keystone/content/common/samples/credentialswithec2.xml b/keystone/content/common/samples/credentialswithec2.xml
new file mode 100644
index 00000000..b6ded2a3
--- /dev/null
+++ b/keystone/content/common/samples/credentialswithec2.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<credentials xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xmlns="http://docs.openstack.org/identity/api/v2.0">
+    <passwordCredentials username="test_user" password="test"/>
+    <ec2Credentials xmlns="http://docs.openstack.org/identity/api/ext/OS-KSEC2/v1.0"
+    	username="testuser" key="aaaaa" signature="bbbbb"/>
+</credentials>
diff --git a/keystone/content/common/samples/ec2Credentials.json b/keystone/content/common/samples/ec2Credentials.json
new file mode 100644
index 00000000..ba54b883
--- /dev/null
+++ b/keystone/content/common/samples/ec2Credentials.json
@@ -0,0 +1,7 @@
+{
+    "OS-KSEC2-ec2Credentials":{
+        "username":"test_user",
+        "secret":"aaaaa",
+        "signature":"bbb"
+    }
+}
diff --git a/keystone/content/common/samples/ec2Credentials.xml b/keystone/content/common/samples/ec2Credentials.xml
new file mode 100644
index 00000000..e36f231c
--- /dev/null
+++ b/keystone/content/common/samples/ec2Credentials.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+  <ec2Credentials
+    xmlns="http://docs.openstack.org/identity/api/ext/OS-KSEC2/v1.0"
+    username="testuser"
+    key="aaaaa"
+    signature="bbbbb"/>
+
diff --git a/keystone/content/service/OS-KSEC2-service-devguide.pdf b/keystone/content/service/OS-KSEC2-service-devguide.pdf
index c99fefec..5e04d358 100644
Binary files a/keystone/content/service/OS-KSEC2-service-devguide.pdf and b/keystone/content/service/OS-KSEC2-service-devguide.pdf differ
diff --git a/keystone/content/service/RAX-KSGRP-service-devguide.pdf b/keystone/content/service/RAX-KSGRP-service-devguide.pdf
index f2ace8de..8741b21b 100644
Binary files a/keystone/content/service/RAX-KSGRP-service-devguide.pdf and b/keystone/content/service/RAX-KSGRP-service-devguide.pdf differ
diff --git a/keystone/content/service/RAX-KSKEY-service-devguide.pdf b/keystone/content/service/RAX-KSKEY-service-devguide.pdf
index 890e8077..203542bb 100644
Binary files a/keystone/content/service/RAX-KSKEY-service-devguide.pdf and b/keystone/content/service/RAX-KSKEY-service-devguide.pdf differ
diff --git a/keystone/contrib/extensions/admin/osec2/__init__.py b/keystone/contrib/extensions/admin/osec2/__init__.py
new file mode 100644
index 00000000..e69de29b
diff --git a/keystone/contrib/extensions/admin/osec2/extension.json b/keystone/contrib/extensions/admin/osec2/extension.json
new file mode 100644
index 00000000..55fada48
--- /dev/null
+++ b/keystone/contrib/extensions/admin/osec2/extension.json
@@ -0,0 +1,16 @@
+{
+  "extension":{
+        "name": "OpenStack EC2 authentication Extension",
+        "namespace": "http://docs.openstack.org/identity/api/ext/OS-KSEC2/v1.0",
+        "alias": "OS-KSEC2-admin",
+        "updated": "2011-08-25T09:50:00-00:00",
+        "description": "Adds the capability to support EC2 style authentication.",
+        "links": [
+          {
+            "rel": "describedby",
+            "type": "application/pdf",
+            "href": "https://github.com/openstack/keystone/raw/master/keystone/content/service/OS-KSEC2-admin-devguide.pdf"
+          }
+        ]
+	}
+}
diff --git a/keystone/contrib/extensions/admin/osec2/extension.xml b/keystone/contrib/extensions/admin/osec2/extension.xml
new file mode 100644
index 00000000..cda8db6b
--- /dev/null
+++ b/keystone/contrib/extensions/admin/osec2/extension.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+    <extension
+        name="OpenStack EC2 authentication Extension"
+        namespace="http://docs.openstack.org/identity/api/ext/OS-KSEC2/v1.0"
+        alias="OS-KSEC2-admin"
+        updated="2011-08-25T09:50:00-00:00">
+
+        <description>
+              Adds the capability to support EC2 style authentication.
+        </description>
+
+        <atom:link rel="describedby"
+                   type="application/pdf"
+                   href="https://github.com/openstack/keystone/raw/master/keystone/content/service/OS-KSEC2-admin-devguide.pdf"/>
+    </extension>
+
diff --git a/keystone/contrib/extensions/admin/osec2/frontend.py b/keystone/contrib/extensions/admin/osec2/frontend.py
new file mode 100644
index 00000000..4a824a68
--- /dev/null
+++ b/keystone/contrib/extensions/admin/osec2/frontend.py
@@ -0,0 +1,99 @@
+#!/usr/bin/env python
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+#
+# Copyright (c) 2010-2011 OpenStack, LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+RACKSPACE API KEY EXTENSION
+
+This WSGI component
+- detects calls with extensions in them.
+- processes the necessary components
+"""
+
+import os
+import json
+from lxml import etree
+from webob.exc import Request, Response
+
+EXTENSION_ALIAS = "OS-KSEC2-admin"
+
+
+class FrontEndFilter(object):
+    """API Key Middleware that handles authentication with API Key"""
+
+    def __init__(self, app, conf):
+        """ Common initialization code """
+        print "Starting the %s extension" % EXTENSION_ALIAS
+        self.conf = conf
+        self.app = app
+
+    def __call__(self, env, start_response):
+        """ Handle incoming request. Transform. And send downstream. """
+        request = Request(env)
+        if request.path == "/extensions":
+            if env['KEYSTONE_API_VERSION'] == '2.0':
+                request = Request(env)
+                response = request.get_response(self.app)
+                if response.status_int == 200:
+                    if response.content_type == 'application/json':
+                        #load json for this extension from file
+                        thisextension = open(os.path.join(
+                                                    os.path.dirname(__file__),
+                                                   "extension.json")).read()
+                        thisextensionjson = json.loads(thisextension)
+
+                        #load json in response
+                        body = json.loads(response.body)
+                        extensionsarray = body["extensions"]["values"]
+
+                        #add this extension and return the response
+                        extensionsarray.append(thisextensionjson)
+                        newresp = Response(
+                            content_type='application/json',
+                            body=json.dumps(body))
+                        return newresp(env, start_response)
+                    elif response.content_type == 'application/xml':
+                        #load xml for this extension from file
+                        thisextensionxml = etree.parse(os.path.join(
+                                                    os.path.dirname(__file__),
+                                                   "extension.xml")).getroot()
+                        #load xml being returned in response
+                        body = etree.fromstring(response.body)
+
+                        #add this extension and return the response
+                        body.append(thisextensionxml)
+                        newresp = Response(
+                            content_type='application/xml',
+                            body=etree.tostring(body))
+                        return newresp(env, start_response)
+
+                # return the response
+                return response(env, start_response)
+
+        #default action, bypass
+        return self.app(env, start_response)
+
+
+def filter_factory(global_conf, **local_conf):
+    """Returns a WSGI filter app for use with paste.deploy."""
+    conf = global_conf.copy()
+    conf.update(local_conf)
+
+    def ext_filter(app):
+        """Closure to return"""
+        return FrontEndFilter(app, conf)
+    return ext_filter
diff --git a/keystone/contrib/extensions/admin/raxkey/__init__.py b/keystone/contrib/extensions/admin/raxkey/__init__.py
new file mode 100644
index 00000000..e69de29b
diff --git a/keystone/contrib/extensions/admin/raxkey/extension.json b/keystone/contrib/extensions/admin/raxkey/extension.json
new file mode 100644
index 00000000..01844a8d
--- /dev/null
+++ b/keystone/contrib/extensions/admin/raxkey/extension.json
@@ -0,0 +1,14 @@
+{
+  "extension":{
+    "name": "Rackspace API Key Authentication Admin",
+    "namespace": "http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0",
+    "alias": "RAX-KSKEY-admin",
+    "updated": "2011-07-13T13:25:27-06:00",
+    "description": "Rackspace extensions to Keystone v2.0 API enabling API Key authentication.",
+    "links": [{
+        "rel": "describedby",
+        "type": "application/pdf",
+        "href": "https://github.com/openstack/keystone/raw/master/keystone/content/admin/RAX-KSKEY-service-devguide.pdf"
+    }]
+   }
+}
diff --git a/keystone/contrib/extensions/admin/raxkey/extension.xml b/keystone/contrib/extensions/admin/raxkey/extension.xml
new file mode 100644
index 00000000..b507a1b5
--- /dev/null
+++ b/keystone/contrib/extensions/admin/raxkey/extension.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<extension  xmlns="http://docs.openstack.org/common/api/v2.0"
+            xmlns:atom="http://www.w3.org/2005/Atom"
+            name="Rackspace API Key authentication" namespace="http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0"
+            alias="RAX-KSKEY-admin"
+            updated="2011-08-14T13:25:27-06:00">
+            <description>
+                        Rackspace extensions to Keystone v2.0 API
+                        enabling API Key authentication.
+            </description>
+            <atom:link rel="describedby" type="application/pdf"
+                        href="https://github.com/openstack/keystone/raw/master/keystone/content/service/RAX-KSKEY-admin-devguide.pdf"/>
+</extension>
diff --git a/keystone/contrib/extensions/admin/raxkey/frontend.py b/keystone/contrib/extensions/admin/raxkey/frontend.py
new file mode 100644
index 00000000..ccd47439
--- /dev/null
+++ b/keystone/contrib/extensions/admin/raxkey/frontend.py
@@ -0,0 +1,99 @@
+#!/usr/bin/env python
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+#
+# Copyright (c) 2010-2011 OpenStack, LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+RACKSPACE API KEY EXTENSION
+
+This WSGI component
+- detects calls with extensions in them.
+- processes the necessary components
+"""
+
+import os
+import json
+from lxml import etree
+from webob.exc import Request, Response
+
+EXTENSION_ALIAS = "RAX-KSKEY-admin"
+
+
+class FrontEndFilter(object):
+    """API Key Middleware that handles authentication with API Key"""
+
+    def __init__(self, app, conf):
+        """ Common initialization code """
+        print "Starting the %s extension" % EXTENSION_ALIAS
+        self.conf = conf
+        self.app = app
+
+    def __call__(self, env, start_response):
+        """ Handle incoming request. Transform. And send downstream. """
+        request = Request(env)
+        if request.path == "/extensions":
+            if env['KEYSTONE_API_VERSION'] == '2.0':
+                request = Request(env)
+                response = request.get_response(self.app)
+                if response.status_int == 200:
+                    if response.content_type == 'application/json':
+                        #load json for this extension from file
+                        thisextension = open(os.path.join(
+                                                    os.path.dirname(__file__),
+                                                   "extension.json")).read()
+                        thisextensionjson = json.loads(thisextension)
+
+                        #load json in response
+                        body = json.loads(response.body)
+                        extensionsarray = body["extensions"]["values"]
+
+                        #add this extension and return the response
+                        extensionsarray.append(thisextensionjson)
+                        newresp = Response(
+                            content_type='application/json',
+                            body=json.dumps(body))
+                        return newresp(env, start_response)
+                    elif response.content_type == 'application/xml':
+                        #load xml for this extension from file
+                        thisextensionxml = etree.parse(os.path.join(
+                                                    os.path.dirname(__file__),
+                                                   "extension.xml")).getroot()
+                        #load xml being returned in response
+                        body = etree.fromstring(response.body)
+
+                        #add this extension and return the response
+                        body.append(thisextensionxml)
+                        newresp = Response(
+                            content_type='application/xml',
+                            body=etree.tostring(body))
+                        return newresp(env, start_response)
+
+                # return the response
+                return response(env, start_response)
+
+        #default action, bypass
+        return self.app(env, start_response)
+
+
+def filter_factory(global_conf, **local_conf):
+    """Returns a WSGI filter app for use with paste.deploy."""
+    conf = global_conf.copy()
+    conf.update(local_conf)
+
+    def ext_filter(app):
+        """Closure to return"""
+        return FrontEndFilter(app, conf)
+    return ext_filter
-- 
cgit