File openstack-keystone-doc.changes of Package openstack-keystone-doc

-------------------------------------------------------------------
Thu May 14 01:41:40 UTC 2020 -  cloud-devel@suse.de

- Update to version keystone-14.2.1.dev4:
  * Fix security issues with EC2 credentials
  * Ensure OAuth1 authorized roles are respected

-------------------------------------------------------------------
Wed May 13 01:41:59 UTC 2020 -  cloud-devel@suse.de

- Update to version keystone-14.2.1.dev2:
  * Check timestamp of signed EC2 token request

-------------------------------------------------------------------
Fri May  1 03:59:17 UTC 2020 -  cloud-devel@suse.de

- Update to version keystone-14.2.1.dev1:
  * Add cadf auditing to credentials
  14.2.0

-------------------------------------------------------------------
Sat Feb 22 03:52:45 UTC 2020 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev36:
  * Tell reno to ignore the kilo branch

-------------------------------------------------------------------
Fri Feb 21 03:56:38 UTC 2020 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev35:
  * Always have username in CADF initiator

-------------------------------------------------------------------
Sat Feb 15 03:55:59 UTC 2020 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev33:
  * Fix role\_assignments role.id filter
  * Ensure bootstrap handles multiple roles with the same name

-------------------------------------------------------------------
Wed Feb 12 03:57:42 UTC 2020 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev29:
  * Add the missing packages when install keystone

-------------------------------------------------------------------
Thu Nov 14 02:04:51 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev28:
  * Allows to use application credentials through group membership

-------------------------------------------------------------------
Thu Oct 24 02:02:35 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev26:
  * Make system tokens work with domain-specific drivers

-------------------------------------------------------------------
Wed Oct 23 02:02:26 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev24:
  * Add test case for expanding implied roles in system tokens

-------------------------------------------------------------------
Sat Oct 19 02:02:26 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev22:
  * Add retry for DBDeadlock in credential delete

-------------------------------------------------------------------
Thu Oct 17 02:02:50 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev20:
  * Import LDAP job into project
  * Update broken links to dogpile.cache docs

-------------------------------------------------------------------
Wed Sep 25 02:48:26 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev16:
  * Fixing 404 URLs for Rocky

-------------------------------------------------------------------
Thu Sep 12 02:47:19 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev15:
  * Updating mapping rule link

-------------------------------------------------------------------
Fri Aug 30 05:02:15 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev13:
  * Fix python3 compatibility on LDAP search DN from id
  * Fixing dn\_to\_id function for cases were id is not in the DN

-------------------------------------------------------------------
Fri Aug 23 02:31:36 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev9:
  * Remove experimental openSUSE 42.3 job

-------------------------------------------------------------------
Sat Aug  3 03:49:00 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev8:
  * Revert "Blacklist bandit 1.6.0"

-------------------------------------------------------------------
Tue May 14 06:09:49 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev7:
  * Blacklist bandit 1.6.0
  * OpenDev Migration Patch

-------------------------------------------------------------------
Wed Apr 17 02:49:40 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev5:
  * Remove message about circular role inferences

-------------------------------------------------------------------
Tue Apr 16 02:49:11 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev3:
  * Delete shadow users when domain is deleted

-------------------------------------------------------------------
Wed Apr 10 03:06:20 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.1.1.dev1:
  * Replace openstack.org git:// URLs with https://
  14.1.0

-------------------------------------------------------------------
Thu Mar 21 01:42:22 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.0.2.dev25:
  * PY3: Ensure LDAP searches use unicode attributes
  * PY3: switch to using unicode text values
  * Set initiator id as user\_id for auth events
  * Invalidate shadow\_federated\_user cache when deleting protocol
  * Switch devstack plugin to samltest.id

-------------------------------------------------------------------
Wed Mar 20 02:07:01 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.0.2.dev15:
  * Update the minimimum required version of oslo.log

-------------------------------------------------------------------
Tue Mar 19 02:09:01 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.0.2.dev13:
  * Run Rocky cover jobs on Xenial

-------------------------------------------------------------------
Sat Mar 16 02:13:46 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.0.2.dev11:
  * Fix the incorrect release name of project guide

-------------------------------------------------------------------
Wed Mar 13 02:14:08 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.0.2.dev10:
  * Remove publish-loci post job
  * fix self-service credential APIs
  * correct the admin\_or\_target\_domain rule

-------------------------------------------------------------------
Tue Jan  8 06:28:54 UTC 2019 -  cloud-devel@suse.de

- Update to version keystone-14.0.2.dev7:
  * Fix example for getting system scoped token

-------------------------------------------------------------------
Wed Dec 12 05:13:40 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.2.dev6:
  * Clarify deprecation message

-------------------------------------------------------------------
Tue Nov 27 04:54:20 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.2.dev4:
  * Make OSA rolling upgrade test experimental

-------------------------------------------------------------------
Thu Nov 22 05:19:36 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.2.dev2:
  * Imported Translations from Zanata

-------------------------------------------------------------------
Wed Nov  7 06:05:52 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.2.dev1:
  * Fix developer config dir flask aftermath
  14.0.1

-------------------------------------------------------------------
Thu Oct 25 06:09:56 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.1.dev15:
  * Add caching on trust role validation to improve performance
  * Invalidate app cred AFTER deletion

-------------------------------------------------------------------
Sat Oct 20 06:13:55 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.1.dev12:
  * Update API version to 3.11
  * Mapped Groups don't exist breaks WebSSO

-------------------------------------------------------------------
Wed Oct 10 05:27:09 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.1.dev8:
  * Update RDO install guide for v3

-------------------------------------------------------------------
Tue Oct  9 05:18:31 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.1.dev6:
  * Ensure view args is in policy dict

-------------------------------------------------------------------
Fri Oct  5 06:33:10 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.1.dev4:
  * LDAP attribute names non-case-sensitive

-------------------------------------------------------------------
Tue Sep 11 08:38:04 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.1.dev3:
  * import zuul job settings from project-config

-------------------------------------------------------------------
Sat Sep  8 01:49:26 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.1.dev1:
  14.0.0
  * Update UPPER\_CONSTRAINTS\_FILE for stable/rocky

-------------------------------------------------------------------
Fri Aug 31 18:52:00 UTC 2018 - kwu@suse.com

- switch to stable/rocky branch

-------------------------------------------------------------------
Fri Aug 31 04:20:56 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0rc2.dev64:
  * add python 3.6 unit test job
  * switch documentation job to new PTI
  * import zuul job settings from project-config

-------------------------------------------------------------------
Thu Aug 30 04:16:09 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0rc2.dev58:
  * Address nits
  * Trivial: Remove app\_conf kwarg from testing setup
  * Trivial: Add missing space in exception

-------------------------------------------------------------------
Wed Aug 29 04:22:41 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0rc2.dev52:
  * Add details and clarify examples on casing

-------------------------------------------------------------------
Sat Aug 25 04:21:11 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0rc2.dev50:
  * Change unique\_last\_password\_count default to 0
  * Move json\_home "extension" rel functions

-------------------------------------------------------------------
Fri Aug 24 04:21:47 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0rc2.dev46:
  * Re-Add scope.system to filters
  * Add placeholder migrations for Rocky
  * Convert system (role) api to flask native dispatching
  * Convert role\_assignments API to flask native dispatching
  * Add safety to the inferred target extraction during enforcement

-------------------------------------------------------------------
Thu Aug 23 04:22:59 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0rc2.dev37:
  * Redundant parameters in api-ref:domain-config
  * Update api-ref for unified limits

-------------------------------------------------------------------
Tue Aug 21 04:23:24 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0rc2.dev34:
  * Use osc in k2k example

-------------------------------------------------------------------
Sat Aug 18 04:06:43 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0rc2.dev32:
  * Remove get\_catalog from manage layer

-------------------------------------------------------------------
Fri Aug 17 04:24:15 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0rc2.dev31:
  * Do not log token string
  * Convert role\_inferences API to flask native dispatching
  * Convert Roles API to flask native dispatching
  * Add callback action back in

-------------------------------------------------------------------
Wed Aug 15 03:47:40 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0rc2.dev23:
  * Fix a bug that issue token with project-scope gets error
  * Convert endpoints api to flask native dispatching
  * Convert services api to flask native dispatching

-------------------------------------------------------------------
Tue Aug 14 03:47:07 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0rc2.dev18:
  * Convert regions API to flask native dispatching
  * Remove unused util function
  * Allow wrap\_member and wrap\_collection to specify target
  * Pass path into full\_url and base\_url
  * Convert OS-SIMPLE-CERT to flask dispatching
  * Migrate OS-EP-FILTER to flask native dispatching

-------------------------------------------------------------------
Sat Aug 11 03:41:49 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0rc2.dev10:
  * Update reno for stable/rocky
  * More accurate explanation in api-ref:application credentials
  * Remove redundant get\_project call
  * Expose a bug that issue token with project-scope gets error
  * Unified code style nullable description parameter

-------------------------------------------------------------------
Fri Aug 10 03:47:00 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0rc2.dev3:
  * Set initiator id as user\_id for auth events
  * Imported Translations from Zanata
  14.0.0.0rc1

-------------------------------------------------------------------
Thu Aug  9 03:44:28 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b4.dev55:
  * Allow for more robust config checking with keystone-manage
  * Convert limits and registered limits to flask dispatching

-------------------------------------------------------------------
Wed Aug  8 03:44:28 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b4.dev51:
  * Convert OS-AUTH1 paths to flask dispatching

-------------------------------------------------------------------
Tue Aug  7 03:42:39 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b4.dev49:
  * Add a release note for bug 1785164
  * Code optimization of create application credential
  * Do not allow create limits for domain

-------------------------------------------------------------------
Mon Aug  6 03:42:33 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b4.dev43:
  * Error location of parameters in api-ref:project tags
  * Fix json indentation of notification sample

-------------------------------------------------------------------
Sat Aug  4 03:42:17 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b4.dev39:
  * Clean up token extra code
  * Remove KeystoneToken object
  * Convert OS-REVOKE to flask dispatching
  * Address FIXMEs for listing revoked tokens
  * Move unenforced\_api decorator to module function
  * Remove direct calls to auth.controllers in some tests
  * Move validate\_issue\_token\_auth from controllers
  * Expose random uuid bug in cadf notifications
  * Cleanup keystone.token.providers.common
  * Remove remnants of token bind
  * Simplify the token provider API
  * Fix keystone-manage saml\_idp\_metadata under python3

-------------------------------------------------------------------
Wed Aug  1 03:45:18 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b4.dev20:
  * Api-ref: Correct response code

-------------------------------------------------------------------
Tue Jul 31 03:45:50 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b4.dev18:
  * Adding missing comma in docs
  * Boostrap CLI tests no longer call auth controller
  * Implement "no-update" test for trusts
  * Remove get\_catalog usage from contrib

-------------------------------------------------------------------
Mon Jul 30 03:46:55 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b4.dev11:
  * Move trusts to flask native dispatching

-------------------------------------------------------------------
Sat Jul 28 04:12:02 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b4.dev9:
  * Address nits in strict-two-level implementation
  14.0.0.0b3

-------------------------------------------------------------------
Fri Jul 27 04:08:12 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev171:
  * Deprecate [token] infer\_roles=False
  * Reduce duplication in federated auth APIs
  * Mirror self-link trust check from tempest
  * Add serialization for TokenModel object
  * Exposing ambiguity bug when querying role assignments

-------------------------------------------------------------------
Thu Jul 26 02:23:37 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev161:
  * Trusts do not implement patch
  * Allow for 'extension' rel in json home
  * Delete project limits when deleting project
  * Introduce new TokenModel object
  * Add docs for case-insensitivity in keystone

-------------------------------------------------------------------
Wed Jul 25 02:23:38 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev151:
  * Add pycadf initiator for flask resource
  * Use oslo\_serialization.jsonutils
  * Add project hierarchical tree check when Keystone start
  * Update project depth check
  * Add include\_limits filter

-------------------------------------------------------------------
Tue Jul 24 02:23:38 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev141:
  * Fix RBACEnforcer Comment

-------------------------------------------------------------------
Sun Jul 22 02:23:27 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev140:
  * Correctly pull input data for enforcement

-------------------------------------------------------------------
Sat Jul 21 02:23:30 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev139:
  * Allow class-level definition of API URL Prefix
  * Move Credentials API to Flask Native
  * Add correct self-link
  * Properly remove content-type on HTTP 204
  * Refactor \_set\_domain\_id\_and\_mapping functions

-------------------------------------------------------------------
Fri Jul 20 01:29:47 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev129:
  * Bump lower constraint for pysaml2 to 4.5.0
  * Don't allow legacy and native flask to share paths

-------------------------------------------------------------------
Thu Jul 19 01:31:35 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev125:
  * Add project\_id filter for listing limit
  * Strict two level limit model
  * Switch to python-ldap

-------------------------------------------------------------------
Wed Jul 18 01:33:15 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev119:
  * Increase test coverage of entity\_type id mapping query
  * Do not use flask.g imported as g
  * Fix keystone.common.rbac\_enforcer.\_\_init\_\_.py exporting
  * Make keystone.server.flask more interesting for importing
  * Filter by entity\_type in get\_domain\_mapping\_list

-------------------------------------------------------------------
Tue Jul 17 01:36:02 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev109:
  * Flesh out and add testing for flask\_RESTful scaffolding
  * Update pypi url to new url
  * Refactor \_handle\_shadow\_and\_local\_users

-------------------------------------------------------------------
Sun Jul 15 01:40:46 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev103:
  * Refactor - remove extra for loop

-------------------------------------------------------------------
Sat Jul 14 01:42:52 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev101:
  * Remove uuid token size check from doctor
  * Invalidate 'computed assignments' cache when creating a project
  * Address minor comments from initial impl RBACEnforcer
  * Move keystone.server.common to keystone.server
  * Add support for enforce\_call to set value on flask.g
  * Address minor comments to 404 error detection
  * Implement base for new RBAC Enforcer
  * Make it easy to identify a 404 from Flask
  * Don't replace the whole app just the wsgi\_app backing
  * Add support for before and after request functions
  * Convert json\_home and version discovery to Flask

-------------------------------------------------------------------
Fri Jul 13 01:45:15 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev79:
  * Remove enable config option of trust feature

-------------------------------------------------------------------
Thu Jul 12 01:40:34 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev77:
  * Filter project\_id for list limits
  * Expose endpoint to return enforcement model

-------------------------------------------------------------------
Wed Jul 11 01:46:28 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b3.dev75:
  * Clarifications to API & Scenario Tests
  * Only upload SP metadata to testshib.org if IDP id is testshib
  * Ignore .eggs dir as well
  * Implement enforcement model logic in Manager
  * Add registered\_limit\_id column for limit
  * Add auto increase primary key for unified limit
  * Remove token bind capabilities
  * pycrypto is not used by keystone
  * Add new "How Can I Help?" contributor guide
  * Added check to avoid keyerror "user['name']"
  * Refactor trust roles check
  * Keystone adheres to public\_endpoint opt only
  * Implement scaffolding for Flask-RESTful use
  * Add Flask-RESTful and update flask minimum(s)
  * Fix keystone-manage mapping\_purge with --type option
  * Override oauthlib docstrings that fail with Sphinx 1.7.5
  * Simple usage docs for implied roles
  * Fix duplicate role names in trusts bug
  * Expose duplicate role names bug in trusts
  * Remove unclear wording in parameters
  * Migrate all password hashes to the new location if needed
  * Add policy for limit model protection
  * Api-ref: Refresh the Update APIs for limits
  * Imported Translations from Zanata
  * Remove a useless function
  * Clarify complicated sentence in docs
  * Unified limit update APIs Refactor
  * Store JSON Home Resources off the composing router
  * Ensure default roles created during bootstrap
  * Add release notes link to README
  * Remove duplicated test
  * Expand on debug\_middleware option
  * Clarify scope responses in authentication api ref
  * fix tox python3 overrides
  * Add Flaskification release-note
  * Remove pastedeploy
  * Flaskification cleanup
  * Remove the rest of v2.0 legacy
  * Add in ability to load DEBUG middleware
  * Revert "Rename fernet\_utils to token\_utils"
  * Convert Keystone to use Flask
  14.0.0.0b2
  * Correct test\_v3\_oauth1.test\_deleting\_project\_also\_invalidates\_tokens
  * Correct test\_v3\_oauth1.test\_change\_user\_password\_also\_deletes\_tokens
  * Correct test\_v3\_oauth1.test\_bad\_authorizing\_roles\_id
  * Correct test\_v3\_oauth1.test\_bad\_authorizing\_roles\_name
  * Fix warnings in documentation
  * fix rally docs url
  * Decouple bootstrap from cli module
  * Handle empty token key files
  * Remove some unused functions
  * Update tests to work with WebOb 1.8.1
  * Consolidate oauth1.rst
  * Remove the TokenAuth middleware
  * Remove token driver configuration
  * Fix the test for unique IdP
  * Consolidate health-check-middleware.rst
  * Limit description support
  * The migration script to add description for limit
  * Update IdP sql model
  * Remove dead code in token provider
  * Remove unused exception
  * Add conceptual overview of the service catalog
  * Fix 500 error when deleting domain
  * Allow cleaning up non-existant group assignments

-------------------------------------------------------------------
Tue May  8 06:20:40 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b2.dev22:
  * Do not return all the limits for POST request

-------------------------------------------------------------------
Sun May  6 06:19:49 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b2.dev20:
  * Remove dead dependency injection code

-------------------------------------------------------------------
Fri May  4 06:01:11 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b2.dev18:
  * Remove unused assertions from test\_v3.py

-------------------------------------------------------------------
Wed May  2 06:17:42 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b2.dev17:
  * Add configuration option for enforcement models
  * Fix the outdated URL

-------------------------------------------------------------------
Tue May  1 06:16:36 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b2.dev13:
  * Use the provider\_api module in limit controller
  * Invalidate the shadow user cache when deleting a user

-------------------------------------------------------------------
Fri Apr 27 06:18:26 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-14.0.0.0b2.dev9:
  * Remove policy service from architecture.rst

-------------------------------------------------------------------
Tue Apr 24 16:08:15 UTC 2018 -  tbechtold@suse.com

- Update to version keystone-14.0.0.0b2.dev8:
  * Trivial: Update pypi url to new url
  * Update the RDO installation guide to use port 5000
  * Update keystone functional tests
  14.0.0.0b1
  * Remove the sample .conf file
  * Allow blocking users from self-service password change
  * Add prerequisite package note to Keystone install guide
  * Update auth\_uri option to www\_authenticate\_uri
  * Fix json schema nullable to add None to ENUM
  * Use consistent role schema in token response validation
  * Corrects spelling of MacOS
  * Follow the new PTI for document build

-------------------------------------------------------------------
Tue Apr 10 05:16:01 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev121:
  * Use the new pysaml2 constraints

-------------------------------------------------------------------
Sat Apr  7 05:19:06 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev120:
  * Fix incompatible requirement in lower-constraints
  * Fix list\_limit doesn't work correctly for domain
  * Removal of deprecated direct driver loading

-------------------------------------------------------------------
Fri Apr  6 05:14:46 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev115:
  * Update install guides
  * Expose a bug that list\_limit doesn't work correctly

-------------------------------------------------------------------
Thu Apr  5 05:13:55 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev111:
  * Fix mispelling of accommodate in install docs

-------------------------------------------------------------------
Sat Mar 31 05:04:43 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev110:
  * Log warning when using token\_flush

-------------------------------------------------------------------
Thu Mar 29 05:18:45 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev108:
  * Update RDO install guide for v3
  * Remove admin interface in sample Apache file
  * Fix user email in federated shadow users

-------------------------------------------------------------------
Wed Mar 28 05:09:08 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev102:
  * Make tags filter match subset rather than exact
  * Updated from global requirements
  * Fix integer -> method conversion for python3

-------------------------------------------------------------------
Tue Mar 27 05:14:11 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev96:
  * add lower-constraints job
  * Remove references to v2.0 from external developer doc
  * Add new setup commands for token keys

-------------------------------------------------------------------
Sat Mar 24 03:34:50 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev90:
  * Remove references to UUID from token documentation

-------------------------------------------------------------------
Thu Mar 22 03:23:19 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev88:
  * Add logging for xmlsec1 installation
  * Mark the implied role API as stable

-------------------------------------------------------------------
Wed Mar 21 03:23:41 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev84:
  * Fix api-ref for project tag create

-------------------------------------------------------------------
Tue Mar 20 03:22:26 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev82:
  * Updated from global requirements

-------------------------------------------------------------------
Sat Mar 17 03:21:20 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev81:
  * Add note to keystone-manage bootstrap doc
  * Fix assert test error under py3.6
  * Updated from global requirements
  * Fixing multi-region support in templated v3 catalog
  * Update links in README
  * Add user documentation for JSON Home
  * Use OSC in application credential documentation

-------------------------------------------------------------------
Sun Mar 11 06:06:28 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev68:
  * Use different labels for user and project names
  * Work around deprecations for opportunistic tests
  * Consolidate identity-token-binding.rst

-------------------------------------------------------------------
Fri Mar  9 06:22:55 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev62:
  * Imported Translations from Zanata

-------------------------------------------------------------------
Thu Mar  8 06:17:54 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev61:
  * Fix formatting of ImportError
  * Imported Translations from Zanata
  * Remove @expression from tags
  * Consolidate identity-service-api-protection.rst

-------------------------------------------------------------------
Mon Mar  5 05:30:29 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev53:
  * Updated from global requirements

-------------------------------------------------------------------
Sun Mar  4 05:34:09 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev52:
  * Api-ref: fix resource\_limit format

-------------------------------------------------------------------
Fri Mar  2 05:28:00 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev50:
  * Imported Translations from Zanata

-------------------------------------------------------------------
Wed Feb 28 05:24:52 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev49:
  * Correct typo in identity API reference
  * Consolidate endpoint-filtering.rst
  * Remove unnecessary config overrides from fernet tests

-------------------------------------------------------------------
Tue Feb 27 04:40:00 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev43:
  * Imported Translations from Zanata

-------------------------------------------------------------------
Sun Feb 25 01:38:01 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev42:
  * Make assertValidFernetKey assertion more robust

-------------------------------------------------------------------
Thu Feb 22 01:38:15 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev41:
  * Update 3.10 versioning to limits and system scope
  * Remove v2.0 policies

-------------------------------------------------------------------
Wed Feb 21 01:38:06 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev39:
  * Populate application credential data in token
  * Force SQLite to properly deal with foreign keys

-------------------------------------------------------------------
Tue Feb 20 01:38:05 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev35:
  * Imported Translations from Zanata
  * Simplify federation and oauth token callbacks
  * Simplify token persistence callbacks

-------------------------------------------------------------------
Fri Feb 16 01:38:12 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev30:
  * Refactor token cache invalidation callbacks
  * Remove needs\_persistence property from token providers
  * Imported Translations from Zanata
  * Add docs for application credentials
  * Remove unused class variables from token provider
  * Remove domains \*-log-\* from compile\_catalog

-------------------------------------------------------------------
Thu Feb 15 05:15:31 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev21:
  * Imported Translations from Zanata
  * Grant admin a role on the system during bootstrap
  * Fix querying role\_assignment with system roles
  * Delete system role assignments when deleting groups
  * Expose bug in system assignment when deleting groups
  * Expose bug in /role\_assignments API with system-scope

-------------------------------------------------------------------
Wed Feb 14 05:14:13 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev9:
  * Delete system role assignments when deleting users
  * Expose bug in system assignment when deleting users
  * Remove the sql token driver and uuid token provider
  * Update reno for stable/queens

-------------------------------------------------------------------
Tue Feb 13 05:05:29 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev3:
  * Imported Translations from Zanata

-------------------------------------------------------------------
Sat Feb 10 05:11:18 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0rc2.dev2:
  * Imported Translations from Zanata
  13.0.0.0rc1
  * Update OBS install docs for v2 removal

-------------------------------------------------------------------
Fri Feb  9 05:12:12 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev137:
  * Add placeholder migrations for Queens
  * Delete SQL users before deleting domain
  * Reorganize api-ref: v3-ext federation mapping.inc
  * Reorganize api-ref: v3-ext federation service-provider
  * Reorganize api-ref: v3-ext oauth.inc
  * Reorganize api-ref: v3-ext federation identity-provider

-------------------------------------------------------------------
Thu Feb  8 05:12:30 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev126:
  * Replace port 35357 with 5000 for ubuntu guide
  * Reorganize api-ref: v3 os-pki
  * Reorganize api-ref: v3-ext trust.inc
  * Remove v2.0 from documentation guides
  * Remove v2.0 extension documentation
  * Update curl request documentation to remove v2.0
  * Remove v2 and v2-admin API documentation
  * Remove all v2.0 APIs except the ec2tokens API
  * Update sample configuration file for Queens
  * Imported Translations from Zanata
  * Add cache invalidation when delete application credential
  * Fix list users by name
  * Validate identity providers during token validation
  * Remove the deprecated "giturl" option
  * Add scope\_types to role policies

-------------------------------------------------------------------
Wed Feb  7 05:11:04 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev99:
  * Finish refactoring self.\*\_api out of tests

-------------------------------------------------------------------
Tue Feb  6 05:18:43 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev97:
  * Expose a bug that application credential cache is not invalidated
  * Fix cache invalidation for application credential
  * Expose a bug that cache invalidation doesn't work for application credential
  * Refactor self.\*\_api out of tests
  * Use keystone.common.provider\_api for auth APIs

-------------------------------------------------------------------
Mon Feb  5 02:16:26 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev90:
  * Update the base class for application credential
  * Fix the wrong description

-------------------------------------------------------------------
Sun Feb  4 02:16:13 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev86:
  * Replace Chinese punctuation with English punctuation

-------------------------------------------------------------------
Sat Feb  3 02:16:33 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev84:
  * Remove the redundant word
  * Update historical context about the removal of v2.0
  * Increase MySQL max\_connections for unit tests
  * Add scope\_types for user policies
  * Remove pki\_setup step in doc
  * Remove PKI/PKIZ token in doc
  * Updated from global requirements
  * Update token doc
  * Add scope\_types for policy policies
  * Add scope\_types to mapping policies
  * Use keystone.common.provider\_api for policy APIs

-------------------------------------------------------------------
Fri Feb  2 02:15:03 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev67:
  * Document flat limit enforcement model
  * add 'tags' in request body of projects
  * Add documentation describing unified limits
  * Document scope\_types for project policies
  * Document scope\_types for credential policies
  * Document fixes needed for token scope\_types
  * Add scope\_types to token revocation policies
  * Add scope\_types to endpoint group policies
  * Add scope\_types to project endpoint policies
  * Add scope\_types to policy association policies

-------------------------------------------------------------------
Thu Feb  1 02:17:00 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev54:
  * Use native Zuul v3 tox job
  * Add a release note for application credentials
  * Impose limits on application credentials
  * Enable application\_credential auth by default
  * Add api-ref for application credentials
  * Add application credential auth plugin
  * Add Application Credentials controller
  * Handle TZ change in iso8601 >=0.1.12
  * Fix federation unit test

-------------------------------------------------------------------
Wed Jan 31 02:16:11 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev37:
  * Refresh the admin\_token doc

-------------------------------------------------------------------
Tue Jan 30 02:16:39 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev35:
  * Zuul: Remove project name

-------------------------------------------------------------------
Mon Jan 29 02:16:00 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev33:
  * Update documentation to reflect system-scope

-------------------------------------------------------------------
Sun Jan 28 02:16:26 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev31:
  * Add release note for system-scope
  * Implement system-scoped tokens
  * Add scope\_types to trust policies
  * Update keystone v2/tokenauth example
  * Add scope\_types to service provider policies
  * Add scope\_types to domain config policies
  * Add scope\_types to service policies

-------------------------------------------------------------------
Sat Jan 27 02:15:32 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b4.dev24:
  * Add api-ref for unified limits
  * Expose unified limit APIs
  * Implement policies for limits
  * Add limit provider
  * Improve limit sql backend
  13.0.0.0b3
  * Implement GET /v3/auth/system
  * Add scope\_types to grant policies
  * Add scope\_types to role assignment policies
  * Remove foreign key for registered limit
  * Introduce assertions for system-scoped token testing
  * Implement system-scope in the token provider API
  * Relay system information in RoleAssignmentNotFound
  * Document scope\_types for ec2 policies
  * Add scope\_types to group policies
  * Add scope\_types to oauth policies
  * Add scope\_types to implied role policies
  * Add scope\_types for revoke event policies
  * Add scope\_types to protocol policies
  * Add scope\_types to identity provider policies
  * Add scope\_types to region policies
  * Add scope\_types to endpoint policies

-------------------------------------------------------------------
Fri Jan 26 02:17:38 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b3.dev198:
  * Fix column rename migration for mariadb 10.2
  * Teach TokenFormatter how to handle system scope
  * Add scope\_types to domain policies

-------------------------------------------------------------------
Tue Jan 23 04:44:48 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b3.dev193:
  * Rename application credential restriction column
  * Move token\_formatter to token
  * Add system column to app cred table

-------------------------------------------------------------------
Mon Jan 22 04:38:13 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b3.dev187:
  * Reorganize api-ref: v3-ext revoke.inc
  * Reorganize api-ref: v3-ext ep-filter.inc
  * Reorganize api-ref: v3-ext simple-cert.inc

-------------------------------------------------------------------
Sun Jan 21 04:38:42 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b3.dev181:
  * Reorganize api-ref: v3-ext federation projects-domains.inc
  * Use log debug instead of warning

-------------------------------------------------------------------
Sat Jan 20 04:35:29 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b3.dev178:
  * Fix outdated links
  * Add ability to list all system role assignments
  * Add Application Credentials manager
  * Handle TODO notes for using new\_user\_ref
  * Make entries in policy\_mapping.rst consistent
  * Fix indentation in docs
  * remove \_append\_null\_domain\_id decorator

-------------------------------------------------------------------
Fri Jan 19 03:58:23 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b3.dev164:
  * Add system role assignment documentation
  * Updated from global requirements
  * Add application credentials driver
  * Add application credentials db migration
  * Fix wrong url in domains-config-v3.inc
  * Remove whitespace from policy sample file

-------------------------------------------------------------------
Thu Jan 18 03:59:11 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b3.dev152:
  * msgpack-python has been renamed to msgpack
  * Remove duplicated release note

-------------------------------------------------------------------
Wed Jan 17 03:59:31 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b3.dev148:
  * Reorganize api-ref: v3-ext endpoint-policy.inc
  * Implement controller logic for system group assignments
  * adjust response code in order of credentials.inc
  * Reorganize api-ref: v3-ext federation assertion.inc
  * Implement controller logic for system user assignments
  * Add schema check for authorize request token
  * Use keystone.common.provider\_api for trust APIs
  * Reorganize api-ref: v3-ext federation projects-domains
  * Rename fernet\_utils to token\_utils

-------------------------------------------------------------------
Tue Jan 16 15:55:31 UTC 2018 -  cloud-devel@suse.de

- Update to version keystone-13.0.0.0b3.dev130:
  * adjust response code order in 'regions-v3.inc'
  * Fix wrong url in config-options.rst
  * adjust response code order in 'authenticate-v3.inc'
  * Imported Translations from Zanata
  * Extract expiration validation to utils
  * adjust response code order in ''policies.inc''
  * adjust response code order in ''domains-config-v3.inc''
  * put response code in table of ''domains.inc''
  * fix wrong url link of User trusts
  * Add db operation for unified limit
  * add response example and 'extra' info of create user
  * Expose a get\_enforcer method for oslo.policy scripts
  * Reorganize api-ref: v3 service-catalog

-------------------------------------------------------------------
Mon Jan 15 14:41:46 UTC 2018 -  tbechtold@suse.com

- Update to version keystone-13.0.0.0b3.dev104:
  * Add new tables for unified limits
  * Migrate jobs to zuulV3
  * Add expired\_at\_int column to trusts
  * Handle InvalidScope exception from oslo.policy
  * Use keystone.common.provider\_api directly in assignment
  * Reorganize api-ref: v3 project-tags
  * Reorganize api-ref: v3 authenticate-v3
  * Deprecate [trust]/enabled option
  * Use keystone.common.provider\_api for resource APIs
  * Re-organize api-ref: v3 inherit.inc
  * Implement get\_unique\_role\_by\_name
  * Reorganize api-ref: v3 regions-v3
  * Reorganize api-ref: v3 policies
  * Reorganize api-ref: v3 credentials
  * Reorganize api-ref: v3 domains-config-v3
  * Reorganize api-ref: v3 projects
  * Reorganize api-ref: v3 roles
  * Use keystone.common.provider\_api for identity APIs
  * Use keystone.common.provider\_api for revoke APIs
  * Use keystone.common.provider\_api for oauth APIs
  * Use keystone.common.provider\_api for federation APIs
  * Use keystone.common.provider\_api for endpoint\_policy APIs
  * Use keystone.common.provider\_api for credential APIs
  * Use keystone.common.provider\_api for catalog APIs
  * Use keystone.common.provider\_api for token APIs
  * modify LOG.error tip message
  * Performance: improve get\_role
  * Add group system grant policies
  * Replace parse\_strtime with datetime.strptime
  * Remove private methods for v2.0 and v3 tokens
  * Ensure building scope is mutually exclusive
  * Add user system grant policies
  * Implement manager logic for group+system roles
  * Implement manager logic for user+system roles
  * Implement backend logic for system roles
  * Add a new table for system role assignments
  * Refactor project tags encoding
  * Expose a bug when authorize request token
  * Bump API version and date to 3.9
  * Create doc/requirements.txt
  * remove some misleading info in Update user API doc
  * Updated from global requirements
  * remove "admin\_token\_auth" related content"
  * Remove rolling\_upgrade\_password\_hash\_compat
  * Deprecate member\_role\_id and member\_role\_name
  * Migrate functional tests to stestr
  * Remove Dependency Injection
  * Remove extra parameter for token auth
  * Refresh sample\_data.sh
  * Improve exception logging with 500 response
  * Remove dead code for auth\_context
  * Updated from global requirements
  13.0.0.0b2
  * Reorganize api-ref:v3 groups
  * Handle deprecation of inspect.getargspec
  * Enforce policy on oslo-context
  * Correct error message for request token
  * Refresh the Controller list
  * Updated from global requirements
  * Update keystone testing documentation
  * Fix role schema in trust object
  * Validate disabled domains and projects online
  * Add New in Pike note to using db\_sync check
  * Fix 500 error when create trust with invalid role key
  * Expose a bug when create trust with roles
  * Remove member role assignment
  * Fix wrong links in keystone documentation
  * Add schema check for OS-TRUST:trust authentication
  * Expose a bug when authenticating for a trust-scoped token
  * Update the help message for unique\_last\_password\_count
  * Remove apache-httpd related link
  * Populate user, project and domain names from token into context
  * Remove setting of version/release from releasenotes
  * Updated from global requirements
  * Update cache doc
  * Updated from global requirements
  * Fix 500 error when authenticate with "mapped"
  * Updated from global requirements
  * Filter users/groups in ldap with whitespaces
  * Deprecate policies API
  * Change url in middleware test to v3
  * Remove ensure\_default\_domain\_exists
  * Ensure listing projects always returns tags
  * Consolidate V2Controller functionality
  * Remove v2 token value model
  * Add non-voting rolling upgrade test
  * Remove "no auth token" debug log
  * Partially clarify federation auth plugins
  * Handle ldap size limit exeeded exception
  * policy.v3cloudsample.json: remove redundant blank space
  * Remove expired password v2 test
  * Remove v2 token test models
  * Remove/update v2 catalog endpoint tests
  * Remove unnecessary dependency injection
  * Remove identity v2 to v3 test case
  * Reorganize api-ref: v3 domains
  * Correct parameter to follow convention
  13.0.0.0b1
  * Remove v2 schema and validation tests
  * Implement project tags API controller and router
  * Implement project tags logic into manager
  * Implement backend logic for project tags
  * Remove v2.0 assignment schema
  * Add project tags api-ref documentation and reno
  * Deleting an identity provider doesn't invalidate tokens
  * Add policy for project tags
  * Add JSON schema validation for project tags
  * Fix initial mapping example
  * Fix list in caching documentation
  * Updated from global requirements
  * Refactor test\_backend\_ldap tests
  * Emit deprecation warning for federated domain/project APIs
  * Reorganize api-ref: v3-ext federation auth
  * Reorganize api-ref: v3 users
  * Add explain of mapping group attribute
  * Move auth header definitions into authorization
  * Add default configuration files to data\_files
  * Update API reference link in README
  * Fix role assignment api-ref docs
  * Two different API achieve listing role assignments
  * Policy exception
  * Confusing notes of ephemeral user's domain
  * Fix endpoint examples in api-ref
  * Assert default project id is not domain
  * Add description of domain\_id in creating user/group

-------------------------------------------------------------------
Wed Oct 11 01:54:32 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev101:
  * Use stestr directly instead of ostestr

-------------------------------------------------------------------
Tue Oct 10 01:50:12 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev99:
  * Update the release name in install tutorial

-------------------------------------------------------------------
Sat Oct  7 01:53:20 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev98:
  * Remove v2.0 identity API documentation
  * Add database migration for project tags
  * Remove the v2\_deprecated decorator
  * Remove admin\_token\_auth steps from install guide
  * Replace assertRegexpMatches with assertregex
  * Update links in keystone
  * Update invalid url in admin docs

-------------------------------------------------------------------
Fri Oct  6 01:52:55 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev84:
  * Remove the v3 to v2 resource test case

-------------------------------------------------------------------
Thu Oct  5 01:52:44 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev82:
  * Remove the v2.0 validate path from validate\_token
  * Remove v2.0 test plumbing
  * Remove v2.0 auth APIs
  * Remove v2.0 token APIs
  * Remove middleware reference to PARAMS\_ENV and CONTEXT\_ENV
  * Refactor removal of duplicate projects/domains
  * Add test GET for member url in the Assignment API

-------------------------------------------------------------------
Wed Oct  4 01:52:07 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev68:
  * Remove v2.0 identity APIs

-------------------------------------------------------------------
Sun Oct  1 01:50:46 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev66:
  * Properly normalize protocol in Fedrations update\_protocol

-------------------------------------------------------------------
Thu Sep 28 01:49:43 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev64:
  * Migrate to stestr

-------------------------------------------------------------------
Tue Sep 26 01:49:06 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev62:
  * Updated from global requirements

-------------------------------------------------------------------
Fri Sep 22 01:49:18 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev61:
  * Add unit tests to mapping\_purge
  * Remove keystone-all doc
  * Remove v2.0 resource APIs

-------------------------------------------------------------------
Wed Sep 13 04:50:37 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev56:
  * Adds Bandit #nosec flag to instances of SHA1
  * Remove v2.0 assignment APIs
  * Remove v2.0 service and endpoint APIs

-------------------------------------------------------------------
Tue Sep 12 16:33:12 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev50:
  * Increase multi region endpoints test coverage

-------------------------------------------------------------------
Tue Sep 12 05:24:00 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev48:
  * Fix typos in bootstrap doc
  * Remove duplicate code
  *   Fix a typo
  * Remove vestigate HUDSON\_PUBLISH\_DOCS reference

-------------------------------------------------------------------
Sat Sep  9 05:22:47 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev40:
  * Add backport migrations for Pike

-------------------------------------------------------------------
Fri Sep  8 05:14:19 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev39:
  * Replace DbMigrationError with DBMigrationError

-------------------------------------------------------------------
Tue Sep  5 05:13:27 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev38:
  * Confusing log messages in project hierarchy checking

-------------------------------------------------------------------
Wed Aug 30 05:15:21 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev36:
  * Copy specific distro pages for install guide

-------------------------------------------------------------------
Tue Aug 29 05:10:48 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev34:
  * Log format error
  * Delete redundant code

-------------------------------------------------------------------
Sun Aug 27 03:14:34 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev30:
  * Imported Translations from Zanata

-------------------------------------------------------------------
Sat Aug 26 03:15:51 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev29:
  * Updated from global requirements
  * Clarify documentation for release notes
  * Call methods with kwargs instead of positionals

-------------------------------------------------------------------
Fri Aug 25 09:32:26 UTC 2017 - tbechtold@suse.com

- Cleanup BuildRequires

-------------------------------------------------------------------
Thu Aug 24 03:17:09 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev24:
  * Ignore release notes for pike and master

-------------------------------------------------------------------
Wed Aug 23 04:54:58 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev23:
  * Revert "Fix wrong links"
  * Remove missing release note from previous revert
  * Include a link in release note for bug 1698900

-------------------------------------------------------------------
Thu Aug 17 03:15:02 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev18:
  * Remove duplicate roles from federated auth
  * Add the step to create a domain
  * Add int storage of datetime for password created/expires
  * Resource backend is SQL only now

-------------------------------------------------------------------
Wed Aug 16 03:13:21 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev10:
  * Remove deprecation of domain\_config\_upload

-------------------------------------------------------------------
Tue Aug 15 03:11:30 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev8:
  * Fix wrong links
  * Imported Translations from Zanata

-------------------------------------------------------------------
Sat Aug 12 03:13:11 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0rc2.dev5:
  * Update reno for stable/pike
  12.0.0.0rc1
  * Update docs: fernet is the default provider
  * Updated URLs in docs
  * Fix typo in index documentation

-------------------------------------------------------------------
Fri Aug 11 03:17:30 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b4.dev65:
  * Unset project ids for all identity backends
  * Add description for relationship links in api-ref
  * Cache list projects and domains for user
  * Remove unused hints from assignment APIs
  * Make an error state message more explicit
  * Fill in content in CLI Documentation
  * Except forbidden when clearing default project IDs
  * Update URL in README.rst
  * Document required \`type\` mapping attribute
  * Consolidate certificate docs to admin-guide

-------------------------------------------------------------------
Tue Aug  8 03:33:10 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b4.dev46:
  * Imported Translations from Zanata
  * Fix man page builds
  * Fill in content in User Documentation
  * Clarify SELinux note in LDAP documentation
  * Move credential encryption docs to admin-guide
  * Removed unnecessary setUp() calls from unit tests
  * Move url safe naming docs to admin guide

-------------------------------------------------------------------
Sat Aug  5 03:31:14 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b4.dev32:
  * Remove duplicate sample files
  * Remove policy for self-service password changes
  * Add role\_domain\_id\_request\_body in parameters

-------------------------------------------------------------------
Fri Aug  4 08:28:44 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b4.dev27:
  * use the show-policy directive to show policy settings
  * Add missing comma to json sample
  * Make federation documentation consistent

-------------------------------------------------------------------
Thu Aug  3 03:32:53 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b4.dev24:
  * Consolidate LDAP documentation into admin-guide
  * Imported Translations from Zanata
  * Add cli/ directory for documentation
  * Add user/ directory for documentation
  * Add contributor/ directory for docs
  * Filter users and groups in ldap
  * Handle auto-generated domains when creating IdPs
  * Clarify documentation on whitelists and blacklists
  * Remove duplicate configuration sections

-------------------------------------------------------------------
Wed Aug  2 03:33:15 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b4.dev8:
  * Fix ec2tokens validation in v2 after regression in metadata\_ref removal
  * Fix the documentation sample for OS-EP-FILTER

-------------------------------------------------------------------
Tue Aug  1 03:28:36 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b4.dev4:
  * Add the step to install apache2 libapache2-mod-wsgi
  * A simple fix about explicit unscoped string

-------------------------------------------------------------------
Mon Jul 31 03:29:07 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b4.dev1:
  * Updated from global requirements
  12.0.0.0b3

-------------------------------------------------------------------
Thu Jul 27 03:31:00 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev162:
  * In the devstack plugin, restart keystone after modifying conf
  * Move performance documentation to admin-guide
  * Added new subsections to developer docs
  * Make the devstack plugin more configurable for federation

-------------------------------------------------------------------
Wed Jul 26 03:31:31 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev154:
  * Move auth plugin development doc to contrib guide

-------------------------------------------------------------------
Tue Jul 25 03:31:14 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev152:
  * Fix wording of configuration help text
  * Added index.rst in each sub-directory
  * Optional request parameters should be not required
  * Add a hacking rule for string interpolation at logging
  * Enable sphinx todo extension

-------------------------------------------------------------------
Mon Jul 24 03:30:21 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev142:
  * Move development environment setup to contributor docs
  * remove default rule

-------------------------------------------------------------------
Sat Jul 22 03:30:14 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev138:
  * fix assert\_admin

-------------------------------------------------------------------
Thu Jul 20 03:31:12 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev136:
  * Updated from global requirements

-------------------------------------------------------------------
Wed Jul 19 03:30:53 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev135:
  * Reorganised developer documentation
  * Expanded the best practices subsection in devdocs
  * Reorganised api-ref index page
  * Merged the caching subsections in admin docs

-------------------------------------------------------------------
Tue Jul 18 03:26:57 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev127:
  * Added new docs to admin section
  * Update info about logging in admin guide

-------------------------------------------------------------------
Mon Jul 17 03:29:19 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev123:
  * Move bootstrapping documentation to admin-guide

-------------------------------------------------------------------
Sun Jul 16 03:31:36 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev121:
  * Updated from global requirements
  * [install] Clarify the paths of the rc files

-------------------------------------------------------------------
Sat Jul 15 03:29:27 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev118:
  * Add a release note for bug 1687593
  * Stop using deprecated 'message' attribute in Exception

-------------------------------------------------------------------
Fri Jul 14 03:31:36 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev115:
  * Move trust to DocumentedRuleDefault
  * Replaced policy.json with policy.yaml
  * Move import down to correct group

-------------------------------------------------------------------
Thu Jul 13 03:30:32 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev109:
  * Improved the keystone federation image
  * fix identity:get\_identity\_providers typo
  * Validate rolling upgrade is run in order

-------------------------------------------------------------------
Wed Jul 12 03:18:05 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev104:
  * Fixing flushing tokens workflow
  * Added configuration options using oslo.config
  * Added configuration references to documentation
  * Move upgrade documentation to admin-guide
  * Move caching docs into admin-guide

-------------------------------------------------------------------
Sat Jul  8 03:19:25 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev94:
  * Add history behind why keystone has two ports
  * Gear documentation towards a wider audience
  * Update security compliance documentation
  * Switch from oslosphinx to openstackdocstheme

-------------------------------------------------------------------
Fri Jul  7 03:19:40 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev87:
  * Removed apache-httpd guide from docs
  * Added a note for API curl examples
  * Migrated docs from devdocs to user docs

-------------------------------------------------------------------
Thu Jul  6 03:20:08 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev82:
  * Remove duplicate token docs

-------------------------------------------------------------------
Tue Jul  4 03:21:38 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-12.0.0.0b3.dev80:
  * Clarify LDAP invalid credentials exception
  * Ensure there isn't duplication in federated auth

-------------------------------------------------------------------
Mon Jul  3 09:08:14 UTC 2017 -  tbechtold@suse.com

- Update to version keystone-12.0.0.0b3.dev76:
  * Remove keystone\_tempest\_plugin from setup.cfg
  * Move implied role policies to DocumentedRuleDefault
  * Remove duplicated list conversion
  * Remove duplicated hacking rule
  * Document and add release note for HEAD APIs
  * Remove duplicate logging documentation
  * Updated from global requirements
  * Remove note about kvs from admin-guide
  * Move token flush documentation to admin-guide
  * Remove the revocation api config section
  * Rename Developer docs to Contributor docs
  * Removed unnecessary line breaks from install-guides
  * Added keystone installation guides
  * Implement HEAD for assignment API
  * Added keystone admin guides to documentation
  * Add annotation about token authenticate
  * Split test\_get\_head\_catalog\_no\_token
  * Move related project information into main doc
  * Move ec2 credential policies to DocumentedRuleDefault
  * Return 400 when trying to create trust with ambiguous role name
  * Reorganised keystone documentation structure
  * Updated the keystone docs to follow the docs theme
  * Fix PCI DSS docs on change\_password\_after\_first\_use
  * Add HEAD API to auth
  * Add HEAD APIs to federated API
  * Ensure the trust API supports HEAD requests
  * Ensure oauth API supports HEAD
  * Ensure the endpoint policy API supports HEAD
  * Improve handling of database migration checks
  * Updated from global requirements
  * Check log output rather than emitting in tests
  * Ensure HEAD is supported with simple cert
  * Ensure the ec2 API supports HEAD
  * Ensure the endpoint filter API supports HEAD
  * Move domain config to DocumentedRuleDefault
  * Add HEAD API to domain config
  * Updated from global requirements
  * Move grant policies to DocumentedRuleDefault
  * Move role policies to DocumentedRuleDefault
  12.0.0.0b2
  * Use DocumentedRuleDefault for token operations
  * Remove the local tempest plugin
  * Add response example in authenticate-v3.inc
  * Addition of "type" optional attribute to list credentials
  * Remove keystone.conf if not used
  * Updated from global requirements
  * Remove assertRaisesRegexp testing function
  * Update DirectMappingError in keystone.exception
  * Remove dependency requires if not used
  * Add role test to test\_consume\_trust\_once in test\_v3\_auth.py
  * Writing API & Scenario Tests docs
  * Handle group NotFound in effective assignment list
  * Updated from global requirements
  * Update doctor warning about caching
  * Basic overview of tempest and devstack plugins
  * Updated from global requirements
  * Updated from global requirements
  * Don't need to contruct data if not need persistence
  * Fix response body of getting role inference rule
  * Quotation marks should be included in http url using curl
  * Updated from global requirements
  * Replace test.attr with decorators.attr
  * Update test case for federation
  * Support new hashing algorithms for securely storing password hashes
  * Remove loading drivers outside of their expected namespaces
  * Change LDAPServerConnectionError
  * Error api about grant collections in policy\_mapping.rst
  * Updated from global requirements
  * Handle NotFound when listing role assignments for deleted users
  * Update sample configuration file for Pike
  * Change url scheme passed to oauth signature verifier
  * Updated from global requirements
  * Role name is unique within the owning domain
  * Remove LDAP delete logic and associated tests
  * Revert change 438035 is\_admin\_project default
  * Trivial fix typo in doc
  * Fix misnamed variable in config
  * Change url passed to oauth signature verifier to request url
  * Expose a bug in domain creation from idps
  * Role name is unique within the owning domain
  * Refactor is\_admin
  * Update fail message to test\_database\_conflicts
  * Fix keystone.tests.unit.test\_v3\_oauth1.MaliciousOAuth1Tests
  * Test config option 'user\_enabled\_default' with string type value
  * Stop using oslotest.mockpatch
  * Remove X-Auth-Token from response parameters
  * Fix test\_minimum\_password\_age\_and\_password\_expires\_days\_deactivated
  * Refactor Authorization:
  * Cleanup policy generation
  * Fix test keystone.tests.unit.test\_token\_bind.BindTest
  * Fix keystone.tests.unit.test\_backend\_ldap.LDAPIdentity
  * Remove test\_metadata\_invalid\_contact\_type
  * Update dead API spec links
  * override config option notification\_opt\_out with list
  * Add filter explain in api ref about parents\_as\_list and subtree\_as\_list
  * use '&' instead of '?' to connect parameters in url
  * Remove usage of enforce\_type
  * Revise doc about python 3.4
  * Update Devstack plugin for uwsgi and mod\_proxy\_uwsgi
  * Add notes in inherit.inc
  * Do not fetch group assignments without groups
  * Readability enhancements to architecture doc
  * Add response examples to OS-OAUTH1 api documentation
  * Correct oauth create\_request\_token documentation
  * Remove unused CONF
  * Remove unused LOG
  * Move policy generator config to config-generator/
  * Include sample policy file in documentation
  * Trivial Fix: fix typo in test comments
  * Move user policies to DocumentedRuleDefault
  * Explicitly set 'builders' option
  * Make flushing tokens more robust
  * Minor corrections in OS-OAUTH1 api documentation
  * Fix-test-of-assertValidRole
  * Small refactoring in tests development docs
  * Move endpoint group to DocumentedRuleDefault
  * Fix doc generation for python 3
  12.0.0.0b1
  * Updated from global requirements
  * Imported Translations from Zanata
  * Updated scope parameter description in v3 API-ref
  * Add Apache License Content in index.rst
  * Address comments from Policy in Code 5
  * Remove unused revocation check in revoke\_models
  * Updated from global requirements
  * Remove unused code in test\_revoke
  * Move group policies to DocumentedRuleDefault
  * Move consumer to DocumentedRuleDefault
  * Move access token to DocumentedRuleDefault
  * Move mapping to DocumentedRuleDefault
  * Move role assignment to DocumentedRuleDefault
  * Move region policies to DocumentedRuleDefault
  * Move project endpoint to DocumentedRuleDefault
  * Remove unnecessary processing when deleting grant
  * Add sem-ver flag so pbr generates correct version
  * Move protocol to DocumentedRuleDefault
  * Move credential policies to DocumentedRuleDefault
  * Move policy association to DocumentedRuleDefault
  * Move and refactor test\_revoke\_by\_audit\_chain\_id
  * Move policy policies to DocumentedRuleDefault
  * Move and refactor project\_and\_user\_and\_role
  * Updated from global requirements
  * Move and refactor test\_by\_domain\_domain
  * Move and refactor test\_by\_domain\_project
  * Move and refactor test\_by\_domain\_user
  * Remove unused method \_sample\_data in test\_revoke
  * Refactor test\_revoke to call check\_token directly
  * Differentiate between dpkg and rpm for libssl-dev
  * Move auth to DocumentedRuleDefault
  * Move service policies to DocumentedRuleDefault
  * Remove unnecessary setUp function in testcase
  * Remove policy file from source and refactor tests
  * Remove revocation API dependency from identity API
  * Remove revocation API dependency from resource API
  * Move project policies to DocumentedRuleDefault
  * Replace wip with skip
  * Removed domain conflict guard in load\_fixtures
  * Updated from global requirements
  * Remove create\_container\_group from tests
  * Move identity provider to DocumentedRuleDefault
  * Move endpoint policies to DocumentedRuleDefault
  * Move domain policies to DocumentedRuleDefault
  * Move service provider to DocumentedRuleDefault
  * Add policy sample generation
  * Removed the deprecated pki\_setup command
  * Reduce fixture setup in test\_backend\_ldap
  * Consolidate and cleanup test\_backend\_ldap setup
  * Remove conflict guards in load\_fixtures
  * Remove orphaned \_create\_context test helper
  * Remove orphaned AuthTestMixin from test\_v3
  * Move revoke events to DocumentedRuleDefault
  * Doc db\_sync --expand incurring downtime in upgrades to Newton
  * Fix some reST field lists in docstrings
  * Add a note to db\_sync configuration section
  * Remove unused revoke\_by\_domain\_role\_assignment
  * Remove unused revoke\_by\_project\_role\_assignment
  * Speed up check\_user\_in\_group for LDAP users
  * Add group\_members\_are\_ids to whitelisted options
  * Change is\_admin\_project to False by default
  * Remove password\_expires\_ignore\_user\_ids
  * Exclusively use restore\_padding method in unpacking fernet tokens
  * Address db\_sync check against new install
  * Add --check to keystone-manage db\_sync command
  * Use ostestr instead of the custom pretty\_tox.sh
  * Add unit test for db\_sync run out of order
  * Make use of Dict-base including extras explicit
  * Update endpoint api for optional region\_id
  * No need to enable infer\_roles setting
  * Create user option \`ignore\_lockout\_failure\_attempts\`
  * Deprecate [security\_compliance]\password\_expires\_ignore\_user\_ids
  * Add domain\_id to the user table
  * Do not call \`to\_dict\` outside of a session context
  * Fixed unraised exception in \_disallow\_write for LDAP
  * Add queries for federated attributes in list\_users

-------------------------------------------------------------------
Thu Mar 30 03:17:23 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev176:
  * Add charset to webob.Response
  * Reduce fixture setup in test_backend_ldap
  * Consolidate and cleanup test_backend_ldap setup
  * Remove conflict guards in load_fixtures
  * Remove orphaned _create_context test helper
  * Remove decorator for asserting validation errors
  * Remove unnecessary revocation events revoke grant
  * Remove unnecessary revocation events
  * Remove unnecessary revocation events

-------------------------------------------------------------------
Wed Mar 29 03:25:18 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev159:
  * Remove orphaned AuthTestMixin from test_v3
  * Move release note from /keystone/releasenotes to /releasenotes
  * Add a note to db_sync configuration section

-------------------------------------------------------------------
Tue Mar 28 05:54:07 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev154:
  * Remove log translations in keystone

-------------------------------------------------------------------
Sat Mar 25 16:49:14 UTC 2017 -  tbechtold@suse.com

- Update to version keystone-11.0.1.dev152:
  * Small fixes for WebOb 1.7 compatibiltity
  * Error messages are not translating with locale
  * Policy in code (part 5)
  * Policy in code (part 4)
  * Set the correct in-code policy for ec2 operations
  * Don't persist revocation events when deleting a role
  * Policy in code (part 3)
  * Policy in code (part 2)
  * Policy in code
  * Speed up check_user_in_group for LDAP users
  * Don't persist rev event when deleting access token
  * Include the requested URL in authentication errors
  * Use HostAddressOpt for opts that accept IP and hostnames
  * Remove x-subject-token in api-ref for v3/auth/catalog
  * Fix keystone.o.o URL

-------------------------------------------------------------------
Wed Mar 22 03:20:26 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev125:
  * Remove extra duplicate 'be' in description
  * Fix description for 204 response

-------------------------------------------------------------------
Thu Mar 16 03:23:41 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev122:
  * Add reno conventions to developer documentation
  * Updated from global requirements

-------------------------------------------------------------------
Tue Mar 14 03:24:03 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev118:
  * Updated from global requirements

-------------------------------------------------------------------
Sat Mar 11 03:27:01 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev117:
  * Remove keystone.common.ldap

-------------------------------------------------------------------
Fri Mar 10 03:26:40 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev116:
  * Fix the typo
  * Add in-code comment to clarify pattern in tests
  * Test for fernet rotation recovery after disk full
  * API-ref return code fix
  * Updated from global requirements
  * Imported Translations from Zanata
  * Fix api-ref building with sphinx 1.5
  * Change is_admin_project to False by default
  * Remove pbr warnerrors in favor of sphinx check
  * Move driver loading inside of dict
  * Remove unused variable
  * Revise conf param in releasenotes
  * Modify examples to use v3 URLs
  * Fix the s3tokens endpoint

-------------------------------------------------------------------
Mon Mar  6 03:22:16 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev88:
  * Minor cleanup from patch 429047
  * Remove password_expires_ignore_user_ids
  * Typos in the LoadAuthPlugins note

-------------------------------------------------------------------
Sat Mar  4 03:28:17 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev82:
  * Fix duplicate handling for user-specified IDs
  * Give a prospective removal date for all v2 APIs
  * Stop reading local config dirs for domain-specific file config driver

-------------------------------------------------------------------
Fri Mar  3 12:48:21 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev76:
  * Removing group role assignments results in overly broad revocation events
  * Add instruction to restart apache
  * Exchange cURL examples for openstackclient
  * Remove x-subject-token in api-ref for v3/auth/{projects,domains}
  * Remove EndpointFilterCatalog
  * Fix some typo in releasenotes

-------------------------------------------------------------------
Wed Mar  1 03:24:31 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev64:
  * Ensure migration file names are unique to avoid caching errors

-------------------------------------------------------------------
Tue Feb 28 03:23:37 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev62:
  * Updated from global requirements
  * Exclusively use restore_padding method in unpacking fernet tokens
  * Correct and enhance OpenId Connect docs
  * Correct and enhance Mellon federation docs
  * Include 'token' in the method list for federated scoped tokens

-------------------------------------------------------------------
Mon Feb 27 03:24:19 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev53:
  * Imported Translations from Zanata

-------------------------------------------------------------------
Sun Feb 26 03:21:41 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev52:
  * Fix v2 role create schema validation

-------------------------------------------------------------------
Sat Feb 25 03:27:20 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev50:
  * Clear the project ID from user information
  * Fix MFA rule checks for LDAP auth
  * Address db_sync check against new install
  * Deprecate (and slate for removal) UUID tokens

-------------------------------------------------------------------
Fri Feb 24 03:44:30 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.1.dev43:
  * Update reno for stable/ocata
  11.0.0

-------------------------------------------------------------------
Tue Feb 21 04:19:37 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0rc2.dev42:
  * Fix typo in config doc
  * Updated from global requirements
  * Rename protocol cascade delete migration file

-------------------------------------------------------------------
Sat Feb 18 04:17:15 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0rc2.dev37:
  * Fix example response formatting
  * Remove logging import unused
  * Fix multiple uuid warnings with pycadf

-------------------------------------------------------------------
Thu Feb 16 12:54:42 UTC 2017 -  tbechtold@suse.com

- Update to version keystone-11.0.0.0rc2.dev31:
  * Remove the file encoding which is unnecessary

-------------------------------------------------------------------
Sat Feb 11 05:24:03 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0rc2.dev29:
  * Correct some typo errors
  * Federated mapping doc improvements
  * Deprecate (and emit message) AdminTokenAuthMiddleware
  * Use ostestr instead of the custom pretty_tox.sh

-------------------------------------------------------------------
Fri Feb 10 05:07:43 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0rc2.dev21:
  * Add --check to keystone-manage db_sync command
  * Add unit test for db_sync run out of order
  * use the correct bp link for shadow-mapping rel note

-------------------------------------------------------------------
Thu Feb  9 05:18:18 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0rc2.dev16:
  * Fixed warning when building keystone docs
  * Readability/Typo Fixes in Release Notes
  * Remove unused api parameters

-------------------------------------------------------------------
Tue Feb  7 05:14:20 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0rc2.dev11:
  * Remove KVS code

-------------------------------------------------------------------
Mon Feb  6 05:07:11 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0rc2.dev9:
  * Use httplib constants for http status codes

-------------------------------------------------------------------
Sun Feb  5 05:22:46 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0rc2.dev7:
  * Add placeholder migrations for Ocata
  * Update hacking version

-------------------------------------------------------------------
Sat Feb  4 05:33:37 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0rc2.dev3:
  * Renaming of api parameters
  * Update endpoint api for optional region_id

-------------------------------------------------------------------
Fri Feb  3 05:25:13 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0rc2.dev1:
  11.0.0.0rc1
  * Modify the spelling mistakes
  * Stop reading local config dirs for domain-specific SQL config driver
  * Prepare for using standard python tests

-------------------------------------------------------------------
Thu Feb  2 02:15:04 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b4.dev58:
  * update keystone.conf.sample for ocata-rc
  * Add MFA Rules Release Note
  * Remove de-dupe for MFA Rule parsing
  * Add comment to clarify resource-options jsonschema
  * Cleanup TODO, AuthContext and AuthInfo to auth.core
  * Cleanup TODO about auth.controller code moved to core
  * Add validation that token method isn't needed in MFARules
  * Add validation for mfa rule validator (storage)
  * Process and validate auth methods against MFA rules
  * No need to enable infer_roles setting
  * Fix bad error message from FernetUtils
  * Use https for docs.openstack.org references
  * Update PCI documenation

-------------------------------------------------------------------
Wed Feb  1 02:16:04 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b4.dev32:
  * Auth Plugins pass data back via AuthHandlerResponse
  * Auth Method Handlers now return a response object always
  * Add MFA Rules and Enabled User options
  * cleanup release notes from PCI options
  * Create user option `ignore_lockout_failure_attempts`
  * Implement better validation for resource options
  * Test cross domain authentication via implied roles

-------------------------------------------------------------------
Sun Jan 29 02:14:41 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b4.dev20:
  * Deprecate [security_compliance]\password_expires_ignore_user_ids
  * Fixes deprecations caused by latest oslo.context
  * PCI-DSS Force users to change password upon first use
  * Reuse already existing groups from upstream tempest config
  * add additional deprecation warnings for KVS options

-------------------------------------------------------------------
Sat Jan 28 02:15:27 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b4.dev10:
  * clean up release notes for ocata
  * Address follow-up comments from previous patchset
  * Cleanup for resource-specific options
  * Adds tests showing how mapping locals are handled
  11.0.0.0b3
  * Add 'options' as an explicit user schema validation
  * Code-Defined Resource-specific Options

-------------------------------------------------------------------
Fri Jan 27 02:14:27 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev167:
  * Set the domain for federated users
  * Refactor shadow users tests
  * Add domain_id to the user table
  * Do not call `to_dict` outside of a session context
  * Change unit test class to a less generic name
  * Verbose breakup of method into seperate methods
  * update entry points related to paste middleware
  * Add warning about using `external` with federation
  * Catch potential SyntaxError in federation mapping
  * Add DB operations tracing

-------------------------------------------------------------------
Wed Jan 25 02:53:49 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev147:
  * Remove code supporting moving resources between domains
  * Remove dogpile.core dependencies
  * Fixed unraised exception in _disallow_write for LDAP
  * Add password expiration queries for PCI-DSS
  * Add missing parentheses
  * Add queries for federated attributes in list_users
  * Remove LDAP write support
  * Remove releated role_tree_dn test
  * Allow user to change own expired password
  * Fix warnings generated by os-api-ref 1.2.0
  * Improvements to external auth documentation page
  * Updates to project mapping documentation

-------------------------------------------------------------------
Fri Jan 20 02:31:01 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev126:
  * Add documentation for auto-provisioning
  * Implement federated auto-provisioning
  * Fix typo in main docs page
  * switch @hybrid_property to @property

-------------------------------------------------------------------
Thu Jan 19 02:35:10 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev118:
  * Fix typo in shibboleth federation docs

-------------------------------------------------------------------
Wed Jan 18 02:37:29 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev117:
  * Handling of 'region' parameter as None
  * Exclude 'keystone_tempest_plugin' in doc build
  * Drop type in filters

-------------------------------------------------------------------
Sun Jan 15 02:34:47 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev111:
  * Corrected punctuation on multiple exceptions
  * Force use of AuthContext object in .authentcate()

-------------------------------------------------------------------
Sat Jan 14 02:37:49 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev108:
  * Cascade delete federated_user fk
  * update sample config for ocata release
  * fix broken links
  * Changed 'Driver' reference to 'TokenDriverBase'
  * Adds projects mapping to the mapping engine

-------------------------------------------------------------------
Fri Jan 13 02:37:23 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev99:
  * Fix keystone-manage mapping_engine tester
  * Add anonymous bind to get_connection method
  * Set connection timeout for LDAP configuration

-------------------------------------------------------------------
Thu Jan 12 02:39:46 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev95:
  * Invalid parameter name on interface
  * Bump API version and date
  * listing revoke events should be admin only
  * [api-ref] Clean up OS-EP-FILTER association docs

-------------------------------------------------------------------
Tue Jan 10 04:06:40 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev87:
  * Updated docstring for test_sql_upgrade.py
  * Use public interfaces of pep8 for hacking
  * Remove comment from previous migration

-------------------------------------------------------------------
Mon Jan  9 04:30:28 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev82:
  * [api-ref] Clean up OS-EP-FILTER documentation
  * Fixed not in toctree warnings when building docs

-------------------------------------------------------------------
Sat Jan  7 04:32:03 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev78:
  * Remove stevedore warning when building docs
  * Update docs to require domain_id when registering Identity Providers
  * Retry on deadlock Transactions in backend
  * Fix region_id responses and requests to be consistent
  * Remove endpoint_id parameter from EP-FILTER docs
  * [api] fix ep filter example
  * Require domain_id when registering Identity Providers
  * Fix minor typo
  * Remove references to Python 3.4
  * Improve assertion in test
  * Fixed 7 tests running twice in v3 identity
  * Wrap invalidation region to context-local cache

-------------------------------------------------------------------
Fri Jan  6 04:28:36 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev56:
  * Use assertGreater(len(x), y) instead of assertTrue(len(x) > y)
  * Correct invalid rst in api docs
  * Fix issues with keystone-dsvm-py35-functional-v3-only on py35
  * Fix the usage of tempest.client.Manager class
  * Correct timestamp format in token responses
  * Remove unused exceptions from CADF notifications
  * Minor improvement in test_user_id_persistence

-------------------------------------------------------------------
Wed Jan  4 03:25:53 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev44:
  * Remove CONF.domain_id_immutable
  * Fix test function name with two underscores to have only one

-------------------------------------------------------------------
Tue Jan  3 03:27:12 UTC 2017 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev41:
  * Updated from global requirements
  * Fix import ordering in tempest plugins
  * Federated authentication via ECP functional tests
  * Fix cloud_admin rule and ensure only project tokens can be cloud admin

-------------------------------------------------------------------
Sat Dec 31 03:23:48 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev34:
  * [api] Inconsistency between v3 API and keystone token timestamps

-------------------------------------------------------------------
Fri Dec 30 03:30:31 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev32:
  * Handle disk write failure when doing Fernet key rotation

-------------------------------------------------------------------
Thu Dec 29 03:23:04 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev30:
  * Removes unnecessary utf-8 encoding

-------------------------------------------------------------------
Mon Dec 26 03:23:51 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev29:
  * Remove unused variables from unit test method

-------------------------------------------------------------------
Sat Dec 24 03:21:48 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev27:
  * Updated from global requirements
  * Remove duplicate role assignment in federated setup
  * Remove unused variables from federation tests

-------------------------------------------------------------------
Fri Dec 23 03:13:44 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev22:
  * move common sql test helpers to base class

-------------------------------------------------------------------
Thu Dec 22 03:29:15 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev20:
  * Add reason to CADF notifications in docs
  * [doc] point release note docs to project team guide
  * [api] set `is_admin_project` on tokens for admin project
  * Add reason to notifications for PCI-DSS

-------------------------------------------------------------------
Wed Dec 21 03:23:27 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev13:
  * Settings for test cases
  * Invalidate token cache after token delete

-------------------------------------------------------------------
Tue Dec 20 03:22:08 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev11:
  * Fix typo in doc
  * fix one typo

-------------------------------------------------------------------
Sun Dec 18 03:19:26 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev8:
  * Updated from global requirements

-------------------------------------------------------------------
Sat Dec 17 03:22:04 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b3.dev7:
  * Use assertGreater(len(x), y) instead of assertTrue(len(x) > y)
  * replace assertTrue with assertIs
  11.0.0.0b2
  * Replace logging with oslo_log
  * Make user to nonlocal_user a 1:1 relationship

-------------------------------------------------------------------
Fri Dec 16 07:37:30 UTC 2016 -  tbechtold@suse.com

- Update to version keystone-11.0.0.0b2.dev167:
  * expose v3policy failure with is_admin_token
  * Add doctor checks for ldap symptoms

-------------------------------------------------------------------
Fri Dec 16 03:13:51 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev163:
  * Implement password requirements API
  * Fix a typo in comment
  * Add unit tests for doctor token_fernet symptoms
  * Remove impossible case from _option_dict method
  * Make _option_dict() a method for domain_config_api
  * Add unit tests for doctor tokens symptoms
  * Add checks for doctor credential symptoms

-------------------------------------------------------------------
Thu Dec 15 03:17:22 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev150:
  * Add id to conflict error if caused by duplicate id
  * Refactors _get_names_from_role_assignments
  * Add doctor tests on security_compliance and rename

-------------------------------------------------------------------
Wed Dec 14 03:22:50 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev144:
  * Do not manually remove /etc/shibboleth folder
  * API Documentation for user password expires
  * Revert "API Documentation for user password expires"

-------------------------------------------------------------------
Tue Dec 13 03:23:50 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev139:
  * Move V2TokenDataHelper to the v2.0 controller
  * Remove exception from v2 validation path

-------------------------------------------------------------------
Mon Dec 12 03:20:41 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev135:
  * API Documentation for user password expires
  * Clean up keystone doc landing page

-------------------------------------------------------------------
Sat Dec 10 03:18:38 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev132:
  * Fix typo in api-ref doc
  * Make bootstrap idempotent when it needs to be

-------------------------------------------------------------------
Fri Dec  9 04:38:51 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev129:
  * Add unit tests for doctor's database symptoms
  * Print name with duplicate error on user creation
  * Expose idempotency issue with bootstrap
  * Print domain name in mapping_populate error message
  * Correct missspellings of secret
  * Trivial indentation corrections in mappings doc
  * Add doctor check for debug mode enabled
  * Fixed multiple warnings in tox -edocs
  * Get assignments with names honors inheritance flag
  * Add test to expose bug 1625230
  * Revert "Rename doctor symptom in security_compliance"
  * Include mapped in the default auth methods
  * Upload service provider metadata to testshib

-------------------------------------------------------------------
Thu Dec  8 02:04:18 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev104:
  * Updated from global requirements
  * Domain included for role in list_role_assignment
  * Corrects sample-data incorrect credential call

-------------------------------------------------------------------
Wed Dec  7 02:07:01 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev99:
  * api-ref update for roles assignments with names
  * Rename doctor symptom in security_compliance
  * Correct minor issues in test schema
  * Add unit tests for doctor federation file
  * Remove CONF.os_inherit.enabled

-------------------------------------------------------------------
Sun Dec  4 02:02:53 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev90:
  * Add unit tests for doctor's caching symptoms

-------------------------------------------------------------------
Sat Dec  3 02:00:08 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev88:
  * Updated from global requirements
  * Updated from global requirements
  * More info in schema validation error
  * Minor fix in role_assignments api-ref
  * Validate token issue input

-------------------------------------------------------------------
Thu Dec  1 02:04:13 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev80:
  * Removes unused exceptions
  * Removes unused method from assignment core

-------------------------------------------------------------------
Wed Nov 30 02:05:19 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev76:
  * Removes unused default_assignment_driver method
  * Removed unused EXTENSION_TO_ADD test declarations
  * Use sha512.hash() instead of .encrypt()
  * Don't invalidate all user tokens of roleless group
  * Updated from global requirements
  * SAML federation docs refer to old WSGIScriptAlias
  * cache_on_issue default to true

-------------------------------------------------------------------
Tue Nov 29 02:02:39 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev63:
  * Make try/except work for passlib 1.6 and 1.7
  * Document token header in federation auth response
  * Refactor Keystone admin-tokens and admin-users v2
  * ignore deprecation warning for .encrypt()
  * Send the identity.deleted.role_assignment after the deletion
  * Allow fetching an expired token
  * Remove unused statements in matches

-------------------------------------------------------------------
Mon Nov 28 02:05:56 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev50:
  * Remove eventlet-related call to sleep

-------------------------------------------------------------------
Sun Nov 27 02:03:10 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev48:
  * Show team and repo badges on README

-------------------------------------------------------------------
Sat Nov 26 02:04:47 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev46:
  * Add a comment about not using assertTrue

-------------------------------------------------------------------
Thu Nov 24 02:05:03 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev45:
  * clean up developer docs
  * Improvements in error messages
  * Remove trailing "d" from -days param of OpenSSL command
  * Swap the notification formats in the docs
  * Normalizes use of ForbiddenAction in trusts
  * Enable CADF notification format by default
  * Fix doc example
  * Remove extension and auth_token middleware docs
  * Move docs from key_terms to architecture
  * move content from configuringservices to configuration
  * Update configuration.rst documentation
  * Verbose 401/403 debug responses
  * Fix the misspelling in `keystone/tests/unit/test_cli.py`
  * refactor notification test to work with either format
  * Clarify the v2.0 validation path
  * Remove metadata from token provider
  * Lockout ignore user list
  * Add developer docs for keystone-manage doctor
  * [api] add changelog from 3.0 -> 3.7
  * Devstack plugin to federate with testshib.org
  * Remove format_token method
  * Remove issue_v3_token in favor of issue_token
  * Remove issue_v2_token
  * refactor the token controller
  * Use issue_v3_token instead of issue_v2_token

-------------------------------------------------------------------
Fri Nov 18 02:04:47 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-11.0.0.0b2.dev4:
  * Remove entry_points to non-existent drivers
  11.0.0.0b1

-------------------------------------------------------------------
Thu Nov 17 02:06:24 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev299:
  * Fix typo in doc
  * remove release note about LDAP write removal
  * Change "Change User Password" request example

-------------------------------------------------------------------
Wed Nov 16 01:51:20 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev293:
  * Fixes remaining nits in endpoint_policy tests
  * Remove reference to future removal of saml
  * Limits config fixture usage to where it's needed

-------------------------------------------------------------------
Tue Nov 15 02:06:48 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev289:
  * Updated from global requirements
  * Replace tenant with project for keystone catalog
  * Deprecate `endpoint_filter.sql` backend

-------------------------------------------------------------------
Sat Nov 12 02:04:33 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev284:
  * Updates to the architecture doc

-------------------------------------------------------------------
Fri Nov 11 02:04:26 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev283:
  * Request cache should not update context
  * Create unit tests for endpoint policy drivers

-------------------------------------------------------------------
Thu Nov 10 02:06:20 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev280:
  * Support nested groups in Active Directory
  * Add healthcheck middleware to pipelines
  * Change cfg.set_defaults into cors.set_defaults
  * Updated from global requirements
  * Updated from global requirements
  * Switch fernet to be the default token provider
  * Doctor ldap check fix for config files
  * Document OS-SIMPLE-CERT Routes
  * [api-ref] Fix couple of issues on OS-INHERIT API
  * Using assertIsNone(...) instead of assertIs(None, ...)

-------------------------------------------------------------------
Wed Nov  9 02:03:20 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev262:
  * Doc warning for keystone db migration

-------------------------------------------------------------------
Tue Nov  8 02:02:02 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev260:
  * Wording error in upgrading documentation

-------------------------------------------------------------------
Mon Nov  7 02:02:53 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev259:
  * Updated from global requirements

-------------------------------------------------------------------
Sat Nov  5 02:02:57 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev258:
  * fix credentials backend tests

-------------------------------------------------------------------
Fri Nov  4 02:05:07 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev257:
  * Allow running expand & migrate at the same time
  * Add test cases for passing "None" as a hint

-------------------------------------------------------------------
Thu Nov  3 02:03:49 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev253:
  * Fix test_revoke to run all tests after pki removal
  * Updated from global requirements

-------------------------------------------------------------------
Wed Nov  2 02:02:29 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev250:
  * Remove support for PKI and PKIz tokens
  * Doc the difference between memcache and cache
  * Additional logging when authenticating
  * Document v2 Revoked Token Route
  * Fix broken links in the docs
  * Add bindep environment to tox
  * log.error use _ of i18n
  * Adds warning when no domain configs were uploaded
  * Add release note for fernet tokens

-------------------------------------------------------------------
Tue Nov  1 02:14:18 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev232:
  * Add api-ref /auth/tokens/OS-PKI/revoked (v3)
  * Add structure for Devstack plugin
  * Pass a request to controllers instead of a context
  * Create default role as a part of bootstrap
  * Updated from global requirements
  * Don't deprecate the LDAP property which is still needed
  * Clarifying on the remove of `build_auth_context` middleware
  * Doctor check for LDAP domain specific configs
  * Faster id mapping lookup

-------------------------------------------------------------------
Fri Oct 28 01:12:21 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev218:
  * Updated from global requirements

-------------------------------------------------------------------
Tue Oct 25 01:56:25 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev217:
  * Updated from global requirements

-------------------------------------------------------------------
Sat Oct 22 01:58:50 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev216:
  * Updated from global requirements
  * Validate mapping exists when creating/updating a protocol

-------------------------------------------------------------------
Fri Oct 21 02:01:18 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev213:
  * Remove new_id() in test_revoke

-------------------------------------------------------------------
Thu Oct 20 02:03:38 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev212:
  * Tweak api-ref doc for v3 roles
  * Tweak api-ref doc for v3 roles status codes
  * Reorder APIs in api-ref for v3 groups
  * Follow-on of memcache token persistence removal

-------------------------------------------------------------------
Wed Oct 19 04:34:22 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev207:
  * [api-ref] Remove the duplicated sample
  * changed domain id to name in JSON request
  * Remove backend dependencies from token provider
  * Tweak api-ref for v3 groups status codes

-------------------------------------------------------------------
Tue Oct 18 04:33:20 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev200:
  * More configuration doc edits
  * Updated from global requirements
  * Code cleanup
  * Drop MANIFEST.in - it's not needed by pbr
  * Optimize remove unused variable
  * Enable release notes translation
  * Fix a docstring typo in test_v3_resource.py

-------------------------------------------------------------------
Sun Oct 16 04:39:55 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev187:
  * Imported Translations from Zanata
  * Update, correct, and enhance federation docs
  * Remove unused arg(project and initiator)

-------------------------------------------------------------------
Sat Oct 15 04:31:55 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev181:
  * Invalidate trust when the related project is deleted
  * Ignore unknown arguments to fetch_token
  * Return password_expires_at during auth
  * Move the token abstract base class out of core
  * Add is_admin_project to policy dict
  * Fix a typo in token_formatters.py
  * Invalidate trust when the trustor or trustee is deleted

-------------------------------------------------------------------
Fri Oct 14 04:39:33 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev167:
  * Improve check_token validation performance
  * Add revocation event indexes
  * Add docs for PCI-DSS
  * [api] add a note about project name restrictions
  * One validate method to rule them all..

-------------------------------------------------------------------
Thu Oct 13 04:32:00 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev157:
  * Updated from global requirements
  * Simplify the KeystoneToken model
  * Remove validate_v2_token() method
  * [api] remove `user_id` and `project_id` from policy
  * Remove the decorator where it's not applied
  * Use validate_v3_token instead of validate_token
  * Ensure all v2.0 tokens are validated the same way
  * Make sure all v3 tokens are validated the same way
  * Updating the document regarding LDAP options

-------------------------------------------------------------------
Tue Oct 11 04:31:04 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev142:
  * Remove those redundant variable declaration
  * [doc] Correct mapping JSON example
  * Remove no use variable (domain_id)

-------------------------------------------------------------------
Mon Oct 10 04:35:01 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev136:
  * Remove redundant variable declaration

-------------------------------------------------------------------
Sun Oct  9 04:35:08 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev135:
  * Pass initiator to Manager as a kwarg

-------------------------------------------------------------------
Sat Oct  8 04:51:55 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev133:
  * remove deprecated `[endpoint_policy] enable` option
  * create release notes for removed functionality
  * Remove driver version specifiers from tests
  * Remove driver version from identity backend test names
  * Remove driver version from docs
  * remove legacy driver tox target
  * Move audit initiator creation to request
  * Don't validate token expiry in the persistence backend
  * Remove the check for admin token in build_auth_context middleware
  * remove deprecated items from contrib
  * Undeprecate options used for signing
  * remove keystone/service.py

-------------------------------------------------------------------
Fri Oct  7 04:57:02 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev109:
  * Updated from global requirements
  * Default the assignment backend to SQL
  * Default the resource backend to SQL
  * Remove password history validation from admin password resets
  * Fix formatting strings in LOG.warning

-------------------------------------------------------------------
Thu Oct  6 04:56:19 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev100:
  * re-add valid comment about None domain ID
  * Make returning is_domain conditional
  * Add tests for validating expired tokens
  * Remove stable driver interfaces

-------------------------------------------------------------------
Wed Oct  5 04:47:38 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev93:
  * Fix a typo in _init_.py

-------------------------------------------------------------------
Tue Oct  4 02:52:48 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev92:
  * Remove the unused sdx doc files
  * Update man page for Ocata release version and date

-------------------------------------------------------------------
Sat Oct  1 02:31:51 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev88:
  * Updated from global requirements
  * Updated from global requirements
  * Remove the no use arg (auth=None)

-------------------------------------------------------------------
Fri Sep 30 09:19:00 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev84:
  * Fix typo in docstring
  * Updated from global requirements
  * Add Apache 2.0 license to source file
  * Fix a typo in core.py and bp-domain-config-default-82e42d946ee7cb43.yaml
  * Validate password history for self-service password changes
  * Make test_v3_auth exercise the whole API

-------------------------------------------------------------------
Wed Sep 28 23:36:48 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev74:
  * Reorder APIs in api-ref doc for v3 users
  * Updated from global requirements

-------------------------------------------------------------------
Tue Sep 27 23:36:44 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev71:
  * Updated from global requirements
  * Remove unused path in the v2 token controller
  * Remove useless method override

-------------------------------------------------------------------
Tue Sep 27 00:24:40 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev66:
  * Using assertIsNone() instead of assertIs(None)
  * Remove default=None when set value in config
  * Add domain check in domain-specific role implication

-------------------------------------------------------------------
Sat Sep 24 23:49:20 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev60:
  * Fix the belongsTo query parameter
  * Fix 'API Specification for Endpoint Filtering' broken link

-------------------------------------------------------------------
Fri Sep 23 23:50:08 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev57:
  * Override credential key repository for null key tests

-------------------------------------------------------------------
Thu Sep 22 23:50:04 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev56:
  * remove memcache token persistence backends
  * remove saml2 auth plugin
  * remove httpd/keystone.py
  * remove cache backends
  * Revert "Allow compatibility with keystonemiddleware 4.0.0"
  * Tweak status code in api-ref doc for v3 users

-------------------------------------------------------------------
Wed Sep 21 23:50:09 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev44:
  * Consolidate the common code into one method
  * Handle the exception from creating request token properly
  * Fix formatting strings in LOG.debug
  * Handle the exception from creating access token properly
  * Updated from global requirements
  * Give domain admin rights to domain specific implied roles

-------------------------------------------------------------------
Tue Sep 20 23:49:44 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev32:
  * Fix prameters names in Keystone API v2-ext
  * Refactor Keystone admin-tenant API v2
  * Refactor Keystone admin-endpoint API
  * Fix for unindent warning in doc build
  * add placeholder migrations for newton
  * Remove  default=None for config options
  * Ensure the sqla-migrate scripts cache is cleared
  * Move test_sql_upgrade.MigrationRepository into keystone.common
  * Rename sql.migration_helpers to sql.upgrades
  * Update reno for stable/newton
  * Refactor find_migrate_repo(): require caller to specify repo
  * Fixes password created_at errors due to the server_default
  * Adds tests for verify_length_and_trunc_password()

-------------------------------------------------------------------
Thu Sep 15 23:49:31 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0rc2.dev9:
  * Move the responsibility for stdout to the CLI module
  * Use a read-only DB session to retrieve schema version
  * Move rolling upgrade repo names into constants
  10.0.0.0rc1
  * Removal of imports within functions
  * Trivial fixes in the ldap common functions
  * Test that rolling upgrade repos are in lockstep
  * Tweak api-ref doc for services/endpoints
  * EndpointPolicy driver doesn't inherit interface
  * Use URIOpt for endpoint URL options

-------------------------------------------------------------------
Wed Sep 14 23:49:47 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b4.dev85:
  * Add unit tests for isotime()
  * Remove unused _convert_to_integers() method
  * Remove unused read_cached_file method from utils
  * Allow compatibility with keystonemiddleware 4.0.0
  * Fix links on configure_federation documentation
  * Add edge case tests for disabling a trustee
  * Remove unused method from keystone.common.utils
  * Consistently round down timestamps

-------------------------------------------------------------------
Tue Sep 13 23:49:35 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b4.dev71:
  * Fix prameters name and response codes in Keystone API v2

-------------------------------------------------------------------
Mon Sep 12 23:49:51 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b4.dev69:
  * Use issued_at in fernet token provider
  * Use ConfigParser instead of SafeConfigParser
  * Remove the APIs from doc that is not supported yet
  * TrivialFix: Merge imports in code
  * Fix the nit on how to deploy keystone with `mod_proxy_uwsgi`
  * Tweak api-ref doc for projects
  * Fix order of arguments in assertIs

-------------------------------------------------------------------
Sat Sep 10 23:49:45 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b4.dev56:
  * Remove the dead link in schema migration doc

-------------------------------------------------------------------
Fri Sep  9 23:48:46 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b4.dev55:
  * Updated from global requirements
  * Use freezegun for change password tests

-------------------------------------------------------------------
Thu Sep  8 23:48:30 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b4.dev52:
  * New notes on advanced upgrade/fallback for cluster
  * standardize release note page ordering
  * [api-ref] Correct response code status
  * Replace six iteration methods with standard ones
  * Fixes a nit in a comment
  * Updates configuration doc with latest changes
  * Update sample keystone.conf for Newton
  * Project domain must match role domain for assignment
  * Add docs for the null key
  * Log warning if null key is used for encryption
  * Introduce null key for credential encryption

-------------------------------------------------------------------
Wed Sep  7 23:48:59 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b4.dev30:
  * More nit doc fixes
  * Keep the order of passwords in tests
  * [api-ref] Stop supporting os-api-ref 1.0.0
  * Fix up some doc nits
  * [api-ref] Correcting parameter's type
  * Correct link type
  * Emit log message for fernet tokens only
  * Set default value for [saml]/idp_contact_surname

-------------------------------------------------------------------
Tue Sep  6 23:51:59 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b4.dev15:
  * Only cache callables in the base manager

-------------------------------------------------------------------
Mon Sep  5 23:48:36 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b4.dev13:
  * Fix problems in service api doc
  * Raise NotImplementedError instead of NotImplemented
  * Add the deprecated_since to deprecated options
  * Add doctor checks for credential fernet keys
  * Block global roles implying domain specific roles

-------------------------------------------------------------------
Fri Sep  2 23:48:14 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b4.dev4:
  * Few new commands missing from docs
  * Implement encryption of credentials at rest
  * Typo: key_manger_factory to key_mangler_factory
  10.0.0.0b3

-------------------------------------------------------------------
Fri Sep  2 03:59:37 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev466:
  * Fixes spelling mistakes
  * Fixes migration where password created_at is nullable
  * Correct typo in mapping_populate command's help
  * Relax the requirement for mappings to result in group memberships
  * Document credential encryption
  * Update sample uwsgi config for lazy-apps
  * Add documentation on how to set a user's tenant
  * Pre-cache new tokens
  * Config logABug feature for Keystone api-ref
  * Fix nits in db migration dev docs
  * Disallow new migrations in the legacy migration repository
  * Updated from global requirements
  * Update developer docs for new rolling upgrade repos
  * Add man page info for credential setup command
  * Remove unnecessary try/except from token provider
  * Fixes small grammar mistake in docstring
  * Add a feature support matrix for identity sources
  * Fix wrong response codes in 'groups' APIs
  * Make token_id a required parameter in v3_to_v2_token
  * Distributed cache namespace to invalidate regions
  * Fix formatting strings when using multiple variables
  * Add credential setup command
  * Add Response Example for 'Create credential' API
  * Add Response Example for 'Passwd auth with unscoped authorization'
  * Remove mapping schema from the doc
  * Impose a min and a max on time values in CONF.token
  * Adds password regular expression checks to doctor
  * Let upgrade tests control all 4 repositories at once
  * Adds check that minimum password age is less than password expires days
  * Modify sql banned operations for each of the new repos
  * api-ref: Splitting status lines in API v3-ext
  * api-ref: Splitting status lines in API v3
  * [api] add relationship links to v3-ext

-------------------------------------------------------------------
Mon Aug 29 03:37:16 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev403:
  * Repair link in Keystone documentation

-------------------------------------------------------------------
Sat Aug 27 03:40:30 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev401:
  * Fix some typos in comments
  * Cleaning imports in code
  * Updated from global requirements
  * TrivialFix: Remove logging import unused
  * Remove unused global variable from unit tests

-------------------------------------------------------------------
Fri Aug 26 03:41:28 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev391:
  * Removes old, unused code
  * Reduce log level of Fernet key count message
  * Updated from global requirements
  * Use egg form of osprofiler in paste pipeline
  * [api-ref]: Outdated link reference
  * Support new osprofiler API

-------------------------------------------------------------------
Thu Aug 25 06:22:45 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev380:
  * Remove mox from test-requirements
  * TrivialFix: Remove logging import unused
  * Remove unnecessary __init__
  * Add mapping_populate command
  * Doc fix: "keystone-manage upgrade" is not a thing

-------------------------------------------------------------------
Thu Aug 25 03:54:01 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev370:
  * Doc fix: license rendered in published doc
  * Fix credential update to ec2 type
  * Add key repository uniqueness check to doctor
  * Update `href` for keystone extensions
  * Get ready for os-api-ref sphinx theme change

-------------------------------------------------------------------
Wed Aug 24 03:48:08 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev360:
  * Shadowing a nonlocal_user incorrectly creates a local_user

-------------------------------------------------------------------
Tue Aug 23 03:51:47 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev358:
  * Updated from global requirements
  * Add entrypoint for mapped auth method
  * Create unit tests for the policy drivers

-------------------------------------------------------------------
Mon Aug 22 07:05:06 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev353:
  * Add create and update methods to credential Manager

-------------------------------------------------------------------
Mon Aug 22 03:45:41 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev351:
  * Fix the wrong URI for the OAuth1 extension in api-ref
  * Add rolling upgrade documentation
  * Create a fernet credential provider

-------------------------------------------------------------------
Sun Aug 21 06:53:23 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev345:
  * Make KeyRepository shareable
  * Add conf to support credential encryption

-------------------------------------------------------------------
Sat Aug 20 03:47:47 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev341:
  * Add expand, data migration and contract logic to keystone-manage
  * Replace the content type with correct one

-------------------------------------------------------------------
Fri Aug 19 03:51:40 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev337:
  * Password expires ignore user list
  * Removes use of freezegun in test_auth tests
  * Removes a redundant test from FernetAuthWithTrust
  * Tidy up for late-breaking review comments on keystone-manage
  * PCI-DSS Minimum password age requirements
  * api-ref: Document domain specific roles
  * Make all token provider behave the same with trusts
  * Add dummy domain_id column to cached role
  * Removes duplicate ldap test setup
  * Extracted common ldap setup and use in the filter tests

-------------------------------------------------------------------
Thu Aug 18 03:50:03 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev319:
  * api-ref: Fix parameters attributes

-------------------------------------------------------------------
Wed Aug 17 03:45:18 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev318:
  * Revert "Add debug logging to revocation event checking"
  * Add credential encryption exception
  * Pass key_repository and max_active_keys to FernetUtils
  * Make a FernetUtils class
  * Add support for rolling upgrades to keystone-manage
  * api-ref: Document implied roles API
  * Trust controller refactoring

-------------------------------------------------------------------
Tue Aug 16 03:47:19 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev305:
  * Move fernet utils into keystone/common/
  * api-ref: Correcting V3 OS-INHERIT APIs
  * Constraints are ready to be used for tox.ini
  * Skip middleware request processing for admin token
  * Remove the redundant verification in OAuth1 authorization

-------------------------------------------------------------------
Sun Aug 14 03:48:41 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev295:
  * Fix typo in the file

-------------------------------------------------------------------
Sat Aug 13 04:20:45 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev294:
  * Add debug logging to revocation event checking
  * Detail Federation Service Provider APIs in api-ref
  * Detail Fed Projects and Domains APIs in api-ref
  * add a header for the federation APIs
  * Detail Federation Mapping APIs in api-ref docs
  * Detail Federation Auth APIs in api-ref docs
  * Detail Federation Assertion APIs in api-ref docs
  * Move other-requirements.txt to bindep.txt
  * Detail IdP APIs in api-ref docs
  * api-ref: Add default domain config documentation
  * Updated from global requirements
  * [api] add relationship links to v3
  * api-ref: Renaming parameters of V3-ext APIs
  * Add basic upgrade documentation

-------------------------------------------------------------------
Fri Aug 12 03:56:38 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev267:
  * Refactor revoke matcher
  * Document get auth/catalog,projects,domains
  * api-ref: Correcting V3 Credentials APIs
  * api-ref: Correcting V3 Policies APIs
  * api-ref: Correcting V3 Authentication APIs
  * api-ref: Correcting V3 Domain config APIs
  * Use international logging message
  * Updates Development Environment Docs

-------------------------------------------------------------------
Thu Aug 11 03:59:22 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev252:
  * api-ref: Add query options to GET /projects API documentation
  * Updated from global requirements
  * api-ref: Add missing parameter tables to tenant
  * api-ref: Correcting V3 Endpoints APIs
  * api-ref: Correcting V3 Services APIs
  * api-ref: Add "nocatalog" option to GET /v3/auth/tokens
  * Fix warning when running tox -e api-ref

-------------------------------------------------------------------
Wed Aug 10 03:45:05 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev239:
  * remove test utilities related to adding extensions
  * PCI-DSS Password expires validation

-------------------------------------------------------------------
Tue Aug  9 03:56:26 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev235:
  * Document query option (is_domain) for projects
  * Update etc/keystone.conf.sample
  * Make hash_algorithms order deterministic
  * Report v2.0 as deprecated in version discovery
  * Update the api-ref to mark the v2 API as deprecated
  * Add schema validation to create user v2
  * Fix the spelling of a test name
  * Remove mention of db_sync per backend
  * Use more specific asserts in tests
  * Updated from global requirements
  * Add debug logging for RevokeEvent deserialize problem
  * Clean up the introductory text in the docs
  * Retry revocation on MySQL deadlock
  * Add schema validation to update user v2
  * PCI-DSS Lockout requirements
  * Improve domain configuration API docs
  * Move Assertion API to its own file
  * Bump API version number and date
  * Move Federation Auth API to its own file
  * Move List Projects and Domains API to its own file
  * Move Service Provider API to its own file
  * Move Mapping API to its own file
  * Use %()d for integer substitution
  * Don't include openstack/common in flake8 exclude list
  * Added postgresql libs to developer docs
  * Add schema validation to create service in v2
  * refactor idp to its own file
  * PCI-DSS Password history requirements
  * Remove configuration references to eventlet
  * Adds a custom deepcopy handler
  * Add token feature support matrix to documentation
  * Test number of queries on list_users
  * Adds test for SecurityError's translation behavior
  * Fix python{3,}-all-dev depends in deb based
  * Use URIOpt instead of StrOpt for SAML config

-------------------------------------------------------------------
Tue Aug  2 03:45:05 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev172:
  * Add schema validation to v2 update tenant
  * Updated from global requirements
  * Move Identity Provider API to its own file
  * Allow attributes other than `enabled` in schema
  * Remove the extensions repos
  * Document the domain config API as stable
  * No need the redundant validation in manager level
  * Add the missing testcases for `name` and `enabled`
  * TOTP auth not functional in python3
  * Invalid tls_req_cert constant as default
  * Allow V2TestCase to be tested against fernet and uuid
  * Make AuthWithTrust testable against uuid and fernet
  * Add schema for enabling a user

-------------------------------------------------------------------
Fri Jul 29 04:07:24 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev149:
  * Add schema validation to v2 create tenant

-------------------------------------------------------------------
Wed Jul 27 03:39:49 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev147:
  * Use quotes consistently in token controller
  * Add performance tuning documentation
  * Improve os-federation docs
  * Fix v2-ext API enabled documentation
  * Make it so federated tokens are validated on v2.0
  * Use freezegun in AssignmentInheritanceTestCase
  * Only run KvsTokenCacheInvalidation against uuid
  * Use freezegun in OSRevokeTests
  * refactor: make TestFetchRevocationList test uuid
  * refactor: make TestAuthExternalDefaultDomain test uuid/pki/pkiz
  * refactor: make TestAuthKerberos test pki/pkiz/uuid
  * Add schema validation to create role
  * Replace OpenStack LLC with OpenStack Foundation
  * refactor: inherit AuthWithRemoteUser for other providers
  * Run AuthWithToken against all token providers
  * Don't run TokenCacheInvalidation with Fernet
  * Refactor TestAuthExternalDomain to not inherit tests
  * Use freezegun to increment clock in test_v3_assignment
  * Added cache for id mapping manager

-------------------------------------------------------------------
Sun Jul 24 03:36:02 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev110:
  * PCI-DSS Password strength requirements

-------------------------------------------------------------------
Sat Jul 23 03:45:49 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev109:
  * PCI-DSS Adds password_expires_at to API docs
  * Migrate OS-FEDERATION from specs repo

-------------------------------------------------------------------
Fri Jul 22 08:32:41 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev105:
  * Fix up the api-ref request/response parameters for projects
  * `password` is not required for updating a user
  * Clarify V2 API for enabling or disabling user
  * Removed duplicate parameter in v2-admin api-ref
  * Fix the errors in params in api-ref for V3 region
  * Fix the errors in params in api-ref for V3 user
  * Updated from global requirements
  * Add Python 3.5 classifier
  * Handle Py35 fix of ast.node.col_offset bug
  * deprecate a few more LDAP config options
  * Clean up api-ref for domains
  * keystone-manage doctor
  * v2 api: add APIs for setting a user's password
  * Update os-inherit API reference
  * Updated from global requirements
  * Run AuthTokenTests against fernet and uuid
  * Use freezegun to increment the clock in test_v3_filters
  * Prevent error when duplicate mapping is created
  * Fix the wrong check condition
  * Clean up the api-ref for groups
  * Updated from global requirements
  * Improve introdcution to api-ref projects
  * Update Identity endpoint in v2 samples
  * Fix the username value in federated tokens
  * Use constraints for coverage job
  * Pass request to v2 token authenticate
  * Remove get_user_id in trust controller
  * Cleanup trusts controller

-------------------------------------------------------------------
Sun Jul 17 03:51:17 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev54:
  * v2 api: remove APIs for global roles
  * v2 api: group and order the v2-ext APIs
  * v2 api: remove duplicated delete user API
  * v2 api: add missing /roles in role CRUD APIs
  * v2 api: list user roles is defined twice
  * v2 api: add OS-KSADM to service API routes
  * v2 api: add tenant APIs
  * v2 api: delete user is defined twice
  * v2 api: change update user
  * v2 api: correct user list
  * Fix up numerous errors in params in api-ref for roles
  * Fix up the api-ref for role query paramaters

-------------------------------------------------------------------
Sat Jul 16 03:44:46 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev32:
  * Improve readability of the api-ref roles section
  * clean up OAUTH API
  * Add relationship links to OAUTH APIs
  * Remove `name` property from `endpoint` create/update API
  * Add v2.0 /endpoints/ api-ref
  * Update identity endpoint in v3 and v3-ext samples
  * Remove unused context from AuthInfo
  * add OS-OAUTH1/authorize/{request_token_id} API
  * re-order the oauth APIs
  * Copy the preamble / summary of OAuth1 from the specs repo
  * Remove get_trust_id_for_request function

-------------------------------------------------------------------
Fri Jul 15 03:37:17 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b3.dev15:
  * Correct normal response codes for v2.0 extensions
  * Improve user experience involving token flush
  * Add "v2 overview" docs to APIs
  * Move OS-INHERIT api-ref from extensions to core
  * Correct normal response codes in trust documentation
  * Add OS-EP-FILTER to api-ref
  10.0.0.0b2
  * Variables in URL path should be required
  * Pass request to normalize_domain_id
  * Remove a validate_token_bind call
  * Trivial spacing and comma corrections
  * Add OS-KSCRUD api-ref
  * Disable warnerrors in setup.cfg temporarily
  * Add is_domain to project example responses
  * Add is_domain to scope token response examples
  * Improve keystone.conf [security_compliance] documentation
  * Improve keystone.conf [signing] documentation
  * Correct normal response codes in OS-INHERIT docs
  * Correct normal status codes for v2.0 admin docs
  * Improve keystone.conf [shadow_users] documentation
  * Correct normal response codes for region docs
  * Correct normal response codes for auth docs
  * Correct normal response codes for credential docs
  * Correct normal response codes for project docs
  * Correct normal response codes for policy docs
  * Correct normal response codes for v2.0 versions doc
  * Correct normal response codes in v2.0 versions doc
  * Correct normal response codes in v2.0 tenant docs
  * Correct normal response codes for role docs
  * Correct normal response codes in service catalog doc
  * Correct normal response codes in v2.0 admin user docs
  * Improve keystone.conf [token] documentation
  * Correct normal response codes in endpoint policy docs
  * Improve keystone.conf [tokenless_auth] documentation
  * Clean up token binding validation code
  * Improve keystone.conf [saml] documentation
  * Handle more auth information via context
  * Require auth_context middleware in the pipeline

-------------------------------------------------------------------
Thu Jul 14 03:40:29 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b2.dev354:
  * Correct normal response codes in v2.0 token docs
  * Correct normal response codes in oauth docs
  * Validate SAML keyfile & certfile options
  * Complete OS-TRUST API documentation
  * Fixes response codes in endpoint policy api-ref
  * List 20X status codes as Normal in domain docs
  * Improve the API documentation for groups
  * Create APIs for OS-REVOKE
  * Reorder request params in endpoint policy api-ref
  * Adds missing parameter to endpoint policy api-ref
  * Adds missing docs to endpoint policy api-ref
  * Reorders API calls to match precedence rules
  * Improve keystone.conf [role] documentation
  * Improve keystone.conf [resource] documentation
  * Move logic for catalog driver differences to manager

-------------------------------------------------------------------
Wed Jul 13 02:26:09 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b2.dev324:
  * Updated from global requirements
  * Use request object in policy enforcement
  * PCI-DSS Disable inactive users requirements

-------------------------------------------------------------------
Tue Jul 12 02:25:41 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b2.dev319:
  * Improve keystone.conf [trust] documentation
  * Improve keystone.conf [ldap] documentation
  * Improve keystone.conf [os_inherit] documentation
  * Improve keystone.conf [revoke] documentation
  * Use the context's is_admin property
  * Add the oslo_context to the environment and request

-------------------------------------------------------------------
Mon Jul 11 02:24:56 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b2.dev307:
  * Minor docstring cleanup for domain_id mapping
  * Remove unnecessary stable attribute value for status

-------------------------------------------------------------------
Sun Jul 10 02:23:51 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b2.dev304:
  * Updated from global requirements
  * Mark the domain config via API as stable
  * Remove validated decorator
  * Move request validation inline
  * Invalidate token cache on domain disablement
  * Isolate token caching into its own region
  * Doc update on enabled external auth and federation
  * keystone recommend deprecated memcache backend
  * Increase test coverage for token APIs
  * Fix fernet token validate for disabled domains/trusts
  * Move the trust abstract base class out of core
  * Move the credential abstract base class out of core

-------------------------------------------------------------------
Sat Jul  9 02:24:11 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b2.dev280:
  * Use http_client constants instead of hardcoding
  * Ensure status code is always passed as int
  * Doc update for moving abstract base classes out of core
  * Fix _populate_token_dates method signature
  * Move the auth plugins abstract base class out of core
  * Expose bug with Fernet tokens and trusts
  * Remove last parts of query_string from context
  * Refactor: [ldap] suffix should not be an instance attribute

-------------------------------------------------------------------
Fri Jul  8 02:13:12 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b2.dev264:
  * Remove get_auth_context
  * Correct reraising of exception
  * Pass request to build_driver_hints

-------------------------------------------------------------------
Thu Jul  7 12:43:12 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-10.0.0.0b2.dev259:
  * Remove headers from context
  * Use request.environ through auth and federation
  * Remove accept_header from context
  * Fixed a Typo
  * Docs: Fix the query params in role_assignments example
  * [doc/api]Remove space within word
  * Remove unused LOG
  * Make assert_admin work with a request
  * Add missing preamble for v3 and v3-ext
  * move OAUTH1 API to extensions
  * generate separate index files for each api-ref
  * Migrate identity /v2-admin docs from api-ref repo
  * Use request instead of context in v2 auth
  * Handle catalog backends that don't support all functions
  * Refactoring: remove the duplicate method
  * Return `revoked_at` for list revoke events
  * Use skip_test_overrides everywhere we feature skip
  * Improve keystone.conf [fernet_tokens] documentation
  * Improve keystone.conf [catalog] documentation
  * Grammar fix: will -> can
  * Fixes hacking's handling of log hints
  * Improve keystone.conf [paste_deploy] documentation
  * Improve keystone.conf [kvs] documentation
  * Improve keystone.conf [identity] documentation
  * Improve keystone.conf [endpoint_filter] documentation
  * Improve keystone.conf [oauth1] documentation
  * Verify domain_id when get_domain is being called
  * Updated from global requirements
  * Include doc directory in pep8 checks
  * Do not register options on import
  * Improve keystone.conf [policy] documentation
  * Improve keystone.conf [memcache] documentation
  * Use min to avoid checking < 1 max fernet keys
  * Improve keystone.conf [identity_mapping] documentation
  * Improve keystone.conf [federation] documentation
  * Updated tests that claimed to be blocked by bugs
  * Use skip_test_overrides in test_backend_ldap
  * Adds a skip method to identify useless skips
  * Update the nosetests test regex for legacy tests
  * update a config option deprecation message
  * Improve keystone.conf [eventlet_server] documentation
  * Improve keystone.conf [endpoint_policy] documentation
  * Improve keystone.conf [credential] documentation
  * Improve keystone.conf [domain_config] documentation
  * Rename [DEFAULT] keystone.conf module to keystone.conf.default
  * Improve keystone.conf [DEFAULT] documentation
  * Remove test_backend_ldap skips for missing tests
  * Reduce domain specific config setup duplication
  * API Change Tutorial doc code modify
  * Update other-requirements for Xenial
  * Concrete role assignments for federated users
  * Migrate identity /v3-ext docs from api-ref repo
  * Migrate identity /v2-ext docs from api-ref repo
  * Migrate identity /v2 docs from api-ref repo
  * Use request.params instead of context['query_string']
  * Config: no need to set default=None
  * Do not spam the log with uncritical stacktraces
  * Improve keystone.conf [auth] documentation
  * Improve keystone.conf [assignment] documentation
  * Group test_backend_ldap skips for readability
  * Adds a backend test fixture
  * Remove unused test code
  * Moves auth plugin test setup closer to its use
  * Add security_compliance group back to config
  * Fix nits related to the new keystone.conf package
  * Fixes failure when password is null
  * Allow auth plugins to be setup more than once
  * Removes outdate comment from a test
  * Replace keystone.common.config with keystone.conf package
  * Updated from global requirements
  * Fix a few spelling mistakes
  * Allow user to get themself and their domain
  * PCI-DSS Password SQL model changes
  * Fix argument order for assertEqual to (expected, observed)
  * Use the ldap fixture to simplify tests
  * Change the remaining conf setup to use the fixture
  * Reduce setup overhead in auth_plugin tests
  * /services?name=<name> API fails when using list_limit
  * Updated from global requirements
  * Make sure to use InnoDB as the DB engine
  * Remove TestAuth
  * Move last few TestAuth tests to TokenAPITests
  * Move external auth and bind test to TokenAPITests
  * Refactor test_validate_v2_scoped_token_with_v3_api
  * Remove test_validate_v2_unscoped_token_with_v3_api
  * Move more project scoped token behavior to TokenAPITests
  * Validate impersonation in trust redelegation
  * Correct domain_id and name constraint dropping
  * Integration tests cleanup
  * Use http_proxy_to_wsgi from oslo.middleware
  * Use request object in auth plugins
  * Move cross domain/group/project auth tests
  * Move negative token tests to TokenAPITests
  * Move unscoped token test to TokenAPITests
  * Move negative domain scope test to TokenAPITests
  * Consolidate domain token tests into TokenAPITests
  * Move more project scoped behavior tests to TokenAPITests
  * Move project scoped catalog tests to TokenAPITests
  * Update driver versioning documentation
  * Move project scoped tests to TokenAPITests
  * Move TestAuth unscoped token tests to TokenAPITests
  * Add cache invalidation for service providers
  * Updated from global requirements
  * Add 'links' to implied roles response
  * Updated from global requirements
  * fix ldap delete_user group member cleanup
  * exception sensitive cache/audit changes
  * Fix TOTP transient test failure
  * Change LocalUser sql model to eager loading
  * Shadow LDAP and custom driver users
  * Refactor shadow users
  * Fix ValidationError exception name in docstring
  * Add docstring to delete_project
  * Updated from global requirements
  * Revert to caching fernet tokens the same way we do UUID
  * Honor ldap_filter on filtered group list
  * Pass a request to controllers instead of a context
  * Update the keystone-manage man page options
  * clean up test_resource_uuid
  * Return 404 instead of 401 for tokens w/o roles
  * Updating sample configuration file
  * Revert "Install necessary files in etc/"
  * Keystone uwsgi performance tuning
  * Add caching config for federation
  * Updated from global requirements
  * Updating sample configuration file
  * Updating sample configuration file
  * Bootstrap: enable and reset password for existing users
  * PEP257: Ignore D203 because it was deprecated
  * Cache service providers on token validation
  * Refactor revoke_model to remove circular dependency
  * Update man page for Newton release
  * Move stray notification options into config module
  * Adding role assignment lists unit tests
  * Add protocols integration tests
  * Add mapping rules integration tests
  * Add service providers integration tests
  * Imported Translations from Zanata
  * Updated from global requirements
  10.0.0.0b1
  * Simplify & fix configuration file copy in setup.cfg
  * Config settings to support PCI-DSS
  * Fix credentials_factory method call
  * Allow domain admins to list users in groups with v3 policy
  * Updating sample configuration file
  * Updated from global requirements
  * Honor ldap_filter on filtered user list
  * Install necessary files in etc/
  * Replace revoke tree with linear search
  * Migrate identity /v3 docs from api-ref repo
  * Updated from global requirements
  * Add new functionality to @wip
  * remove deprecated revoke_by_expiration function
  * Isolate common ldap code to the identity backend
  * Updated from global requirements
  * Remove helper script for py34
  * Include project_id in the validation error on default project is domain
  * Add python 3 release note
  * Add comment to test case helper function
  * Add Python 3 classification
  * Py3 oauth tests
  * Enable py3 tests for test_v3_auth
  * make sure default_project_id is not domain on user creation and update
  * Let setup.py compile_catalog process all language files
  * Fix broken link of federation docs
  * Add new line in keystone/common/request.py
  * Move identity.backends.sql model code to sql_model.py
  * Add .mo files to MANIFEST.in
  * Replace context building with a request object
  * Enable py3 testing for Fernet token provider
  * Enable py3 for credential tests
  * reorganize mitaka release notes
  * enable ldap tests for py3
  * Updated from global requirements
  * Add the validation rules when create token
  * Use PyLDAP instead of python-ldap
  * Fix config path for running wsgi in developer mode
  * Move the revoke abstract base class out of core
  * Updated from global requirements
  * Port test_v2 unit test to Python 3
  * Move the oauth1 abstract base class out of core
  * Drop the (unused) domain table
  * Don't set None for ldap.OPT_X_TLS_CACERTFILE
  * Add API Change Tutorial
  * Deprecate keystone.common.kvs
  * Updating sample configuration file
  * Add is_domain in token response
  * Switch to use `new_domain_ref` for testcases
  * Move the assignment abstract base class out of core
  * Add identity providers integration tests
  * Update documentation to remove keystone-all
  * Updating sample configuration file
  * Updated from global requirements
  * replace logging with oslo.log
  * Move the federation abstract base class out of core
  * Separate protocol schema
  * Updated from global requirements

-------------------------------------------------------------------
Mon May 9 04:56:19 UTC 2016 - cloud-devel@suse.de

- Update to version keystone-9.0.1.dev103:
  * Updated from global requirements
  * Add test for authentication when project and domain name clash

-------------------------------------------------------------------
Mon May 9 04:56:19 UTC 2016 - cloud-devel@suse.de

- Update to version keystone-9.0.1.dev101:
  * Fix doc build if git is absent

-------------------------------------------------------------------
Mon May 9 04:56:19 UTC 2016 - cloud-devel@suse.de

- Update to version keystone-9.0.1.dev100:
  * Fix typos

-------------------------------------------------------------------
Fri Apr 22 13:47:04 UTC 2016 - cloud-devel@suse.de

- Update to version keystone-9.0.1.dev99:
  * Add other-requirements.txt
  * Fix D400 PEP257
  * Imported Translations from Zanata
  * Updating sample configuration file
  * Customize config file location when run as wsgi app
  * Updated from global requirements
  * Updating sample configuration file
  * Updated from global requirements
  * Bump the required tox version to 2.3.1
  * update deprecation warning for falling back to default domain
  * add missing deprecation reason for eventlet option
  * Remove comments mentioning eventlet
  * Remove support for generating ssl certs
  * Updating sample configuration file
  * Remove eventlet support
  * Default caching to on for request-local caching
  * Typo in sysctl command example Edit
  * Fix confusing naming in ldap EnableEmuMixin
  * Test list project hierarchy is correct for a large tree
  * Remove comment from D202 rule
  * Use messaging notifications transport instead of default
  * Avoid name repetition in equality comparisons
  * Moved name formatting (clean) out of the driver
  * Expose not clearing of user default project on project delete

-------------------------------------------------------------------
Tue Apr 19 06:38:00 UTC 2016 - cloud-devel@suse.de

- Update to version keystone-9.0.1.dev60:
  * Typo fix in tests
  * Add logging to cli if keystone.conf is not found
  * Fix post jobs
  * Refactor domain config upload
  * Keystone jobs should honor upper-constraints.txt
  * Updating sample configuration file
  * Deprecation reason for domain_id_immutable
  * Fix D401 PEP8 violation
  * OSprofiler release notes
  * Updating sample configuration file
  * Dev doc update for moving abstract base classes out of core
  * Integrate OSprofiler in Keystone
  * Fix totp test fails randomly

-------------------------------------------------------------------
Wed Apr 13 15:40:30 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.1.dev39:
  * Updated from global requirements
  * Add keystone service ID to observer audit
  * group federated identity docs together
  * Change Role/Region to role/region in keystone-manage bootstrap
  * Use mockpatch fixtures from fixtures
  * Set the values for the request_local_cache
  * fix typo
  * Fix KeyError when rename to a name is already in use
  * Improve project name conflict message
  * test REMOTE_USER  does not authenticate
  * Doc - Detailing  objects' attributes available for policy.json
  * Sync oslo-incubator rpc	module
  *    Rename requires files to standard names
  * Fix test coverage for v2 scoped auth xml response (bug 1160504)
  * add --config-dir=DIR  for keystone-all option
  * Add  --config-dir=DIR in OPTIONS
  * Files for  Apache-HTTPD
  *  Bug #907521.     Changes to support get roles by service
  * Testing Refactor - this is a squash of 6 commits - original commits are vailable for cherry-picking here:   https://github.com/ziadsawalha/keystone/commits/tests
  * Fixed bug 905422. Swift caching should work again.  Also fixed a few other minor syntactical stuff
  * Bug #890801 Changes to support /extensions call. - Introduced a new extension reader to read static extension content. - Added additional rst files explaining extensions. - Removed functionality from  additional middleware that used to support /extensions call.ie RAX-KEY-extension - Removed service extension test as it was no more relavent. - Added unit test that checks toggling of extensions. - Additional notes on the conf file
  * Bug #854104   - Changes to allow admin url to be shown only for admin users.   - Additional test asserts to verify
  * X.509 client authentication with Keystone.  Implements blueprint 2-way-ssl
  *  Fixing bug 859937.  Removing incorrect atom feed references from roles.xsd
  * Updating legacy auth translation to 2.0 (bug #863661)
  * Fix invocations of TemplateError.  This exception takes precisely three parameters, so I've added a fake location (0, 0) to keep it happy
  *     Dev guide rebuild and minor fixes
  * Port of glance-control to keystone.  This will make writing certain keystone integration functional tests a little easier to do
  *  Committer: Joe Savak <joe3963@joe3963-VirtualBox.(none)>
  * Added automatic test discovery to unit tests  and removed all dead tests
  *  #16 Changes to remove unused group clls
  * (Related to) Issue 32: bin/sampledata.sh cannot be executed outside of bin/
  * Name changes BaseURLRefs to EndPoints and BaseURLs to  EndpointTemplates
  * Name changes BaseURLRefs to EndPoints and BaseURLs to  EndpointTemplates
  * Mae Pylintrc, reordered imports made pep8 of the  files
  * Added as per HACKING  Files
  * Modified  server.py tenant group URL to fix failing test cases
  * Added missing tests,  mad e enable and disable password work
  * Renamed  to server.py and added  top dir in config
  * Added the keystone  top dir in configuration

-------------------------------------------------------------------
Wed Apr 13 01:37:33 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.1.dev21:
  * Simplify chained comparison
  * Clean up test case for shadow users
  * Fixes bug where the updated federated display_name is not returned
  * create a new `advanced topics` section in the docs

-------------------------------------------------------------------
Tue Apr 12 01:01:03 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.1.dev14:
  * Add missing backslash to keystone-manage bootstrap command in documentation

-------------------------------------------------------------------
Sat Apr  9 02:49:58 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.1.dev13:
  * Imported Translations from Zanata

-------------------------------------------------------------------
Fri Apr  8 02:56:46 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.1.dev12:
  9.0.0
  * Update federated user display name with shadow_users_api
  * Bandit test results
  9.0.0.0rc2
  * Correct `role_name` constraint dropping
  * Imported Translations from Zanata
  * Imported Translations from Zanata
  * Fix keystone-manage config file path
  * Correct test to support changing N release name
  * Imported Translations from Zanata
  * Imported Translations from Zanata
  * Imported Translations from Zanata
  * Imported Translations from Zanata
  * Imported Translations from Zanata
  * Add release note for list_limit support
  * Imported Translations from Zanata
  * Update .gitreview for stable/mitaka

-------------------------------------------------------------------
Thu Apr  7 02:58:19 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev67:
  * Updating sample configuration file
  * Update the description of the role driver option
  * Update the Administrator guide link
  * Remove backend interface and common code out of identity.core
  * Run federation tests under Python 3
  * Add py3 debugging

-------------------------------------------------------------------
Wed Apr  6 02:27:28 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev55:
  * Update federated user display name with shadow_users_api
  * remove endpoint_policy from contrib

-------------------------------------------------------------------
Sat Apr  2 02:03:12 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev52:
  * Correct `role_name` constraint dropping
  * Base for keystone tempest plugin

-------------------------------------------------------------------
Fri Apr  1 02:29:30 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev49:
  * Random project should return positive numbers

-------------------------------------------------------------------
Thu Mar 31 02:20:57 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev47:
  * Improve error message for schema validation
  * Opportunistic testing with different DBs

-------------------------------------------------------------------
Wed Mar 30 02:25:43 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev43:
  * The name can be just white character except project and user
  * Fix typos in Keystone files
  * Add `patch_cover` to keystone
  * Cleanup LDAP models
  * Correct test_implied_roles_fk_on_delete_cascade
  * Fix table row counting SQL for MySQL and Postgresql
  * Switch migration tests to oslo.db DbTestCase
  * Correct test_migrate_data_to_local_user_and_password_tables
  * Make modifications to domain config atomic

-------------------------------------------------------------------
Tue Mar 29 02:20:11 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev27:
  * Fix keystone-manage config file path
  * Update dev docs and sample script for v3/bootstrap

-------------------------------------------------------------------
Sun Mar 27 03:27:18 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev23:
  * Correct _populate_default_domain in tests

-------------------------------------------------------------------
Sat Mar 26 03:20:23 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev22:
  * Removing redundant words
  * Simplify repetitive unequal checks

-------------------------------------------------------------------
Fri Mar 25 03:18:19 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev19:
  * Move region configuration to a critical section

-------------------------------------------------------------------
Thu Mar 24 02:36:52 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev18:
  * Correct test to support changing N release name
  * Fix test_add_int_pkey_to_revocation_event_table for MySQL
  * Implement HEAD method for all v3 GET actions

-------------------------------------------------------------------
Tue Mar 22 02:35:01 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev12:
  * Add test for domains list filtering and limiting

-------------------------------------------------------------------
Sat Mar 19 02:37:46 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev10:
  * Add release note for list_limit support
  * Cleanup migration tests
  * Imported Translations from Zanata
  * add placeholder migrations for mitaka

-------------------------------------------------------------------
Fri Mar 18 02:41:14 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev3:
  * Enables the notification tests in py3

-------------------------------------------------------------------
Thu Mar 17 03:07:03 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0rc2.dev1:
  * Update reno for stable/mitaka
  9.0.0.0rc1
  * Support `id` and `enabled` attributes when listing service providers
  * Check for already present user without inserting in Bootstrap
  * Mapping which yield no identities should result in ValidationError
  * Make backend filter testing more comprehensive
  * Change xrange to range for python3 compatibility
  * Remove reference to keystoneclient CLI
  * Document running in uwsgi proxied by apache
  * Imported Translations from Zanata
  * Fixed user in group participance

-------------------------------------------------------------------
Wed Mar 16 03:04:22 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b4.dev121:
  * Updating sample configuration file
  * Correct Hints class filter documentation
  * Release note cleanup
  * Remove unused notification method and class
  * Consolidate @notifications.internal into Audit
  * Remove some translations
  * Add auto-increment int primary key to revoke.backends.sql

-------------------------------------------------------------------
Tue Mar 15 03:03:17 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b4.dev107:
  * Update reported version for Mitaka
  * Add docs for additional bootstrap endpoint parameters
  * Remove TestFernetTokenProvider

-------------------------------------------------------------------
Mon Mar 14 10:30:25 UTC 2016 -  tbechtold@suse.com

- Update to version keystone-9.0.0.0b4.dev102:
  * Imported Translations from Zanata
  * Imported Translations from Zanata
  * register the config generator default hook with the right name
  * Imported Translations from Zanata
  * Rename v2 token schema used for validation
  * Migrate_repo init version helper
  * Refactor TestFernetTokenProvider trust-scoped tests
  * Refactor TestFernetTokenProvider project-scoped tests
  * Refactor TestFernetTokenProvider domain-scoped tests
  * Refactor TestFernetTokenProvider unscoped token tests
  * Fixing mapping schema to allow local user
  * Fix keystone-manage example command path
  * Add PKIZ coverage to trust tests
  * Consolidate TestTrustRedelegation and TestTrustAuth tests
  * Split out domain config driver and manager tests
  * Add notifications to user/group membership
  * Add ability to send notifications for actors
  * Updated from global requirements
  * Remove foreign assignments when deleting a domain
  * Correct create_project driver versioning
  * Explicitly exclude tests from bandit scan
  * Move role backend tests
  * v2 tokens validated on the v3 API are missing timezones
  * Move domain config backend tests
  * Validate v2 fernet token returns extra attributes
  * Clarify virtualenv setup in developer docs
  * Fixes a few LDAP tests to actually run
  * Imported Translations from Zanata
  * Un-wrap function
  * Fix warning when running tox
  * Race condition in keystone domain config
  * Adding 'domain_id' filter to list_user_projects()
  * Add identity endpoint creation to bootstrap
  * Updated from global requirements
  * Remove _disable_domain from the resource API
  * Remove _disable_project from the resource API
  * Remove the notification.disabled decorator
  * Remove unused notification decorators
  * Cleanup from from split of token backend tests
  * Split identity backend tests
  * Split policy backend tests
  * Split catalog backend tests
  * Split trust backend tests
  * Split token backend tests
  * Split resource backend tests
  * Split assignment backend tests
  * Updated from global requirements
  * Consolidate configuration default overrides
  * Updating sample configuration file
  * IPV6 test unblacklist
  * Fix trust chain tests
  9.0.0.0b3
  * Minor edits to the developing doc
  * Add release notes for projects acting as domains
  * Fix keystone.common.wsgi to explicitly use bytes
  * fix sample config link that 404s
  * add hints to list_services for templated backend
  * Fixes hacking for Py3 tests
  * Fixes to get cert tests running in Py3
  * Fixes the templated backend tests for Python3
  * remove pyc files before running tests
  * Stop using oslotest.BaseTestCase
  * Return 404 instead of 401 for tokens w/o roles
  * Remove unused domain driver method in legacy wrapper
  * Deprecate domain driver interface methods
  * Fix the migration issue for the user doesn't have a password
  * Add driver details in architecture doc
  * Shadow users - Shadow federated users
  * Projects acting as domains
  * Update developer docs for ubuntu 15.10
  * Moved CORS middleware configuration into oslo-config-generator
  * V2 operations create default domain on demand
  * Make keystone tests work on leap years
  * Updating sample configuration file
  * Fix doc build warnings
  * Enable LDAP connection pooling by default
  * Delay using threading.local() to fix check job failure
  * Minor edits to the installation doc
  * Minor edits to the configuration doc
  * Minor community doc edits
  * Updated from global requirements
  * Followup for LDAP removal
  * Remove get_session and get_engine
  * No more legacy engine facade in tests
  * Use requst local in-process cache per request
  * Move admin_token_auth before build_auth_context in sample paste.ini
  * Update default domain's description
  * Reference config values at runtime
  * Use the new enginefacade from oslo.db
  * Updated from global requirements
  * Fix incorrect assumption when deleting assignments
  * Remove migration_helpers.get_default_domain
  * db_sync doesn't create default domain
  * Implied roles index with cascading delete
  * Fix project-related forbidden response messages
  * Fixes a bug when setting a user's password to null
  * Renamed TOTP passcode generation function
  * Updates TOTP release note
  * Simplify use of secure_proxy_ssl_header
  * Shadow users - Separate user identities
  * Switch to configless bandit
  * Parameter to return audit ids only in revocation list
  * Add tests for fetching the revocation list
  * Updating sample configuration file
  * Deprecate logger.WritableLogger
  * Removing H405 violations from keystone
  * Updated from global requirements
  * Updated from global requirements
  * Updating sample configuration file
  * Remove useless {} from __table_args__
  * Time-based One-time Password
  * Fix inconsistencies between Oauth1DriverV8 interface and driver
  * Oauth1 manager sets consumer secret
  * Remove setting class variable
  * Allow user list without specifying domain
  * Adds user_description_attribute mapping support to the LDAP backend
  * encode user id for notifications
  * Add back a bandit tox job
  * Enable support for posixGroups in LDAP
  * Add is_domain filter to v3 list_projects
  * Add tests in preparation of projects acting as a domain
  * Avoid using `len(x)` to check if x is empty
  * Use the driver to get limits
  * Fallback to list_limit from default config
  * Add list_limit to the white list for configs in db
  * Updating sample configuration file
  * handle unicode names for federated users
  * Verify project unique constraints for projects acting as domains
  * wsgi: fix base_url finding
  * Disable Admin tokens set to None
  * Modify rules for domain specific role assignments
  * Modify implied roles to honor domain specific roles
  * Modify rules in the v3 policy sample for domain specifc roles
  * Re-enable and undeprecate admin_token_auth
  * Don't describe trusts as an extension in configuration doc
  * Tidy up configuration documentation for inherited assignments
  * Clean up configuration documentataion on v2 user CRUD
  * Allow project domain_id to be nullable at the manager level
  * Trivial: Cleanup unused conf variables
  * Updating sample configuration file
  * Updating sample configuration file
  * Fixes parameter in duplicate project name creation
  * Fix terms from patch 275706
  * sensible default for secure_proxy_ssl_header
  * Restricting domain_id update
  * Allow project_id in catalog substitutions
  * Avoid `None` as a redundant argument to dict.get()
  * Avoid "non-Pythonic" method names
  * Manager support for project cascade update
  * Updating sample configuration file
  * Expand implied roles in trust tokens
  * add a test that uses trusts and implies roles
  * Updating sample configuration file
  * Convert assignment.root_role config option to list of strings
  * Avoid wrong deletion of domain assignments
  * Manager support for project cascade delete
  * AuthContextMiddleware admin token handling
  * Deprecate admin_token_auth
  * Adds better logging to the domain config finder
  * Extracts logic for finding domain configs
  * Fix nits from domain specific roles CRUD support
  * Change get_project permission
  * Updated from global requirements
  * Enables token_data_helper tests for Python3
  * Stop using nose as a Python3 test runner
  * Fix release note of removal of v2.0 trusts support
  * Remove PostParams middleware
  * Updated from global requirements
  * Moves policy setup into a fixture
  * Make pep8 *the* linting interface
  * Added tokenless auth headers to CORS middleware
  * Add backend support for deleting a projects list
  * Make fernet work with oauth1 authentication
  * Consolidate the fernet provider validate_v2_token()
  * Remove support for trusts in v2.0
  * Add CRUD support for domain specific roles
  * Added CORS support to Keystone
  * Deprecate Saml2 auth plugin
  * Uses open context manager for templated catalogs
  * Disable the ipv6 tests in py34
  * Missing 'region' in service and 'name' in endpoint for EndpointFilterCatalog
  * Small typos on the ldap.url config option help
  * Replace exit() with sys.exit()
  * include sample config file in docs
  * Fixes a language issue in a release note
  * Imported Translations from Zanata
  * Updated from global requirements
  * Support multiple URLs for LDAP server
  * Set deprecated_reason on deprecated config options
  * Move user and admin crud to core
  * squash migrations - kilo
  * Adds validation negative unit tests
  * Use oslo.log specified method to set log levels
  * Add RENO update for simple_cert_extension deprecation
  * Opt-out certain Keystone Notifications
  * Update the home page
  * Release notes for implied roles
  * deprecate pki_setup from keystone-manage
  * test_credential.py work with python34
  * Consolidate `test_contrib_ec2.py` into `test_credential.py`
  * Reinitialize the policy engine where it is needed
  * Provide an error message if downgrading schema
  * Updated from global requirements
  * Consolidate the fernet provider issue_v2_token()
  * Consolidate the fernet provider validate_v3_token()
  * Add tests for role management with v3policy file
  * Fix some word spellings
  * Make WebSSO trusted_dashboard hostname case-insensitive
  * Deprecate simple_cert extension
  * Do not assign admin to service users
  * Add in TRACE logging for the manager
  * Add schema for OAuth1 consumer API
  * Correct docstrings
  * Remove un-used test code
  * Raise more precise exception on keyword mapping errors
  * Allow '_' character in mapping_id value
  * Implied Roles API
  * Revert "Unit test for checking cross-version migrations compatibility"
  * replace tenant with project in cli.py
  * Fix schema validation to use JSONSchema for empty entity
  * Replace tenant for project in resource files
  * Reuse project scoped token check for trusts
  * Add checks for project scoped data creep to tests
  * Add checks for domain scoped data creep
  * Use the oslo.utils.reflection to extract the class name
  * Test hyphens instead of underscores in request attributes
  * Simplify admin_required policy
  * Add caching to role assignments
  * Enable bandit tests
  * Update bandit.yaml
  * Enhance manager list_role_assignments to support group listing
  * remove KVS backend for keystone.contrib.revoke
  * Fix trust redelegation and associated test
  * use self.skipTest instead of self.skip
  * Removed deprecated revoke KVS backend
  * Revert "skip test_get_token_id_error_handling to get gate passing"
  * Updated from global requirements
  * Updated from global requirements
  * skip test_get_token_id_error_handling to get gate passing
  * Ensure pycadf initiator IDs are UUID
  * Check for circular references when expanding implied roles
  * Improves domain name case sensitivity tests
  * Fixes style issues in a v2 controller tests
  * Prevents creating is_domain=True projects in v2
  * Refactors validation tests to better see the cases
  * Remove keystone/common/cache/_memcache_pool.py
  * Update mod_wsgi + cache config docs
  * Address comments from Implied Role manager patch
  * Fix nits in include names patch
  * Unit test for checking cross-version migrations compatibility
  * Online schema migration documentation
  * Updated from global requirements
  * Remove additional references to ldap role attribs
  * Remove duplicate LDAP test class
  * Remove more ldap project references
  9.0.0.0b2
  * Add testcases to check cache invalidation
  * Fix typo abstact in comments
  * deprecate write support for identity LDAP
  * Deprecate `hash_algorithm` config option
  * Mark memcache and memcache_pool token deprecated
  * List assignments with names
  * Remove LDAP Role Backend
  * Remove LDAP Resource and LDAP Assignment backends
  * Removes KVS catalog backend
  * Fix docstring
  * Strengthen Mapping Validation in Federation Mappings
  * Add checks for token data creep using jsonschema
  * Deprecating API v2.0
  * Implied roles driver and manager
  * Add support for strict url safe option on new projects and domains
  * Remove bandit tox environment
  * Add linters environment, keep pep8 as alias
  * Make sure the assignment creation use the right arguments
  * Fix indentation for oauth context
  * Imported Translations from Zanata
  * document the bootstrapping process
  * Add release note for revert of c4723550aa95be403ff591dd132c9024549eff10
  * Updated from global requirements
  * Enable `id`, `enabled` attributes filtering for list IdP API
  * Improve Conflict error message in IdP creation
  * Fedora link is too old and so updated with newer version
  * Support the reading of default values of domain configuration options
  * Correct docstrings for federation driver interface
  * Update v3policysample tests to use admin_project not special domain_id
  * Enable limiting in ldap for groups
  * Enable limiting in ldap for users
  * Doc FIX
  * Store config in drivers and use it to get list_limit
  * Add asserts for service providers
  * Fix incorrect signature in federation legacy V8 wrapper
  * Tidy up release notes for V9 drivers
  * Adds an explicit utils import in test_v3_protection.py
  * Refactor test auth_plugin config into fixture
  * Create V9 version of resource driver interface
  * Updated from global requirements
  * Separate trust crud tests from trust auth tests
  * Delete checks for default domain delete
  * correct help text for bootstrap command
  * Replace unicode with six.text_type
  * Escape DN in enabled query
  * Test enabled emulation with special user_tree_dn
  * SQL migrations for implied roles
  * Revert "Validate domain ownership for v2 tokens"
  * Use assertIn to check if collection contains value
  * Updated from global requirements
  * Perform middleware tests with webtest
  * De-duplicate fernet payload tests
  * Reference driver methods through the Manager
  * Fix users in group and groups for user exact filters
  * Expose defect in users_in_group, groups_for_user exact filters
  * Replace deprecated library function os.popen() with subprocess
  * OAuth1 driver doesnt inherit its interface
  * Update man pages with Mitaka version and dates
  * Fixes hacking logger test cases to use same base
  * Adds a hacking check looking for Logger.warn usage
  * Change LOG.warn to LOG.warning
  * Remove redundant check after enforcing schema validation
  * Create V9 version of federation driver interface
  * Expose method list inconsistency in federation api
  * Correct DN/encoding in test
  * Add audit IDs to revocation events
  * Adds a base class for functional tests
  * Create neutron service in sample_data.sh
  * refactor: Remove unused test method
  * Fix test_crud_user_project_role_grants
  * Update sample catalog templates
  * Wrong usage of "an"

-------------------------------------------------------------------
Fri Jan  8 00:56:34 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev188:
  * remove irrelevant parenthesis
  * Cleanup tox.ini py34 test list
  * Some small improvements on fernet uuid handling
  * Deprecated tox -downloadcache option removed
  * Add `type' filter for list_credentials_for_user
  * Remove comments on enforcing endpoints for trust

-------------------------------------------------------------------
Thu Jan  7 00:56:23 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev176:
  * Updating sample configuration file
  * Do not use __builtin__ in python3
  * Define paste entrypoints
  * Add return value
  * Wrong usage of "an"
  * Make `bootstrap` idempotent
  * fix reuse of variables
  * Verify that attribute `enabled` equals True
  * Correct SecurityError with unicode args
  * Reject user creation using admin token without domain
  * Config option for insecure responses
  * Use oslo_config PortOpt support

-------------------------------------------------------------------
Wed Jan  6 00:56:37 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev156:
  * Add schema for federation protocol
  * Test: make enforce_type=True in CONF.set_override
  * Add schema for identity provider
  * Fix the incompatible issue in response header

-------------------------------------------------------------------
Tue Jan  5 00:55:42 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev148:
  * Fix some inconsistency in docstrings

-------------------------------------------------------------------
Sat Jan  2 00:56:43 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev146:
  * Updated from global requirements
  * Use [] where a field is required

-------------------------------------------------------------------
Fri Jan  1 01:35:56 UTC 2016 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev143:
  * Updating sample configuration file
  * Use six.moves.reload_module instead of builtin reload
  * Support url safe restriction on new projects and domains

-------------------------------------------------------------------
Thu Dec 31 01:36:44 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev138:
  * Correct fernet provider reference

-------------------------------------------------------------------
Wed Dec 30 01:37:00 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev136:
  * fix up release notes, file deprecations under right title

-------------------------------------------------------------------
Tue Dec 29 01:36:46 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev134:
  * Correct the class name of the V9 LDAP role driver

-------------------------------------------------------------------
Sun Dec 27 07:33:08 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev133:
  * Wrong usage of "a/an"
  * Trival: Remove unused logging import

-------------------------------------------------------------------
Fri Dec 25 01:35:52 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev130:
  * Updating sample configuration file
  * Fix pep8 job

-------------------------------------------------------------------
Thu Dec 24 01:37:52 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev127:
  * Fix 500 error when no fernet token is passed
  * Fix multiline strings with missing spaces
  * eventlet: handle system that misses TCP_KEEPIDLE

-------------------------------------------------------------------
Wed Dec 23 01:37:08 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev122:
  * Fixes kvs cache key mangling issue for Py3
  * Updated from global requirements
  * Update `developing.rst` to remove extensions stuff
  * Add `keystone-manage bootstrap` command

-------------------------------------------------------------------
Tue Dec 22 01:35:57 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev115:
  * Updating sample configuration file
  * Enable os_inherit of Keystone v3 API
  * Normalize fernet payload disassembly
  * Common arguments for fernet payloads assembly
  * Fix use of TokenNotFound

-------------------------------------------------------------------
Sat Dec 19 01:42:23 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev109:
  * Fix key_repository_signature method for python3
  * Fix defect in list_user_ids that only lists direct user assignments
  * Show defect in list_user_ids that only lists direct user assignments
  * Use list_role_assignments to get projects/domains for user
  * Limiting for fake LDAP
  * Handle fernet payload timestamp differences
  * Fix fernet padding for python 3

-------------------------------------------------------------------
Fri Dec 18 01:43:57 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev97:
  * Use pip (and DevStack) instead of setuptools in docs

-------------------------------------------------------------------
Thu Dec 17 01:43:15 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev95:
  * Correct developer documentation on venv creation
  * Updating sample configuration file
  * Updated from global requirements

-------------------------------------------------------------------
Wed Dec 16 01:43:50 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev90:
  * Validate domain for DB-based domain config. CRUD
  * Updated Cloudsample
  * Verify that user is trustee only on issuing token
  * Changed the key repo validation to allow read only
  * Add API route for list role assignments for tree
  * Add Trusts unique constraint to remove duplicates

-------------------------------------------------------------------
Sat Dec 12 01:46:50 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev79:
  * Clean up new_credential_ref usage and surrounding code

-------------------------------------------------------------------
Fri Dec 11 01:46:16 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev78:
  * Updating sample configuration file
  * Updated from global requirements
  * Make @truncated common for all backends
  * Fix exposition of bug about limiting with ldap
  * Use assertDictEqual instead of assertEqualPolicies
  * refactor: move the common code to manager layer
  * Remove keystoneclient tests
  * Ensure endpoints returned is filtered correctly

-------------------------------------------------------------------
Thu Dec 10 01:46:13 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev63:
  * Remove unfixable FIXME
  * Use new_policy_ref consistently
  * Create V9 Role Driver
  * Create new version of assignment driver interface
  * Remove invalid comment about LDAP domain support
  * Pass dict into update() rather than **kwargs
  * Refactor test use of new_*_ref
  * Remove invalid TODO related to bug 1265071
  * Deprecate the pki and pkiz token providers
  * Refactor: Use Federation constants where possible
  * Remove exposure of routers at package level
  * Update docs for legacy keystone extensions

-------------------------------------------------------------------
Wed Dec  9 02:02:12 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev40:
  * Cleans up code for `is_admin` in tokens
  * Deprecate ldap Role
  * Update extensions links
  * Improve comments in test_catalog
  * Fix for GET project by project admin
  * Updating sample configuration file
  * Remove invalid TODO in extensions
  * Refactor: Remove use of self where not needed
  * Refactor: Move uncommon entities from setUp
  * Split resource tests from assignment tests
  * More useful message when using direct driver import

-------------------------------------------------------------------
Mon Dec  7 02:57:50 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev19:
  * Updated from global requirements

-------------------------------------------------------------------
Sun Dec  6 03:27:45 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev18:
  * Use subprocess.check_output instead of Popen
  * Cleanup use of service refs
  * Remove core module from the legacy endpoint_filter extension

-------------------------------------------------------------------
Sat Dec  5 03:26:45 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev15:
  * Remove invalid FIXME note
  * Put py34 first in the env order of tox
  * set `is_admin` on tokens for admin project
  * Use unit.new_project_ref consistently
  * Cleanup region refs
  * Use new_trust_ref consistently

-------------------------------------------------------------------
Fri Dec  4 03:21:54 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.0b2.dev7:
  * Update API version info for Liberty
  * remove version from setup.cfg
  9.0.0.0b1
  * Simplify LimitTests

-------------------------------------------------------------------
Thu Dec  3 03:24:32 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev309:
  * Add release notes for mitaka-1
  * refactor: move variable to where it's needed
  * Fix a typo in notifications function doc
  * Optimize "open" method with context manager

-------------------------------------------------------------------
Wed Dec  2 03:24:57 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev302:
  * Reference environment close to use
  * Remove RequestBodySizeLimiter from middleware
  * force releasenotes warnings to be treated as errors
  * Remove deprecated notification event_type
  * Remove check_role_for_trust

-------------------------------------------------------------------
Tue Dec  1 03:24:19 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev292:
  * Needn't care about the sequence for cache validation

-------------------------------------------------------------------
Mon Nov 30 01:30:57 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev290:
  * Updated from global requirements

-------------------------------------------------------------------
Fri Nov 27 01:35:46 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev289:
  * Remove `extras` from token data
  * Accepts Group IDs from the IdP without domain

-------------------------------------------------------------------
Thu Nov 26 01:37:55 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev285:
  * Correct docstring warnings

-------------------------------------------------------------------
Wed Nov 25 01:31:54 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev283:
  * Correct RoleNotFound usage
  * Remove example extension
  * Updating sample configuration file
  * Using the right format to render the docstring correctly
  * Add release notes for mitaka thus far
  * deprecate `enabled` option for endpoint-policy extension
  * Rationalize list role assignment routing
  * Fix string conversion in s3 handler for python 2

-------------------------------------------------------------------
Tue Nov 24 01:32:35 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev269:
  * Use idp_id and protocol_id in jsonhome
  * Use standard credential_id parameter in jsonhome

-------------------------------------------------------------------
Sun Nov 22 01:32:16 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev265:
  * Updated from global requirements

-------------------------------------------------------------------
Sat Nov 21 01:34:34 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev264:
  * Minor cleanups for usage of group refs

-------------------------------------------------------------------
Fri Nov 20 12:24:37 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev262:
  * Manager support for projects acting as domains

-------------------------------------------------------------------
Fri Nov 20 01:12:44 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev260:
  * remove useless config option in endpoint filter
  * Add missing colon separators to inline comments
  * Enable listing of role assignments in a project hierarchy
  * Capital letters
  * remove use of magic numbers in sql migrate extension tests

-------------------------------------------------------------------
Thu Nov 19 15:07:25 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev249:
  * Updating sample configuration file
  * Move endpoint_filter migrations into keystone core
  * Move endpoint filter into keystone core
  * Move revoke sql migrations to common
  * Move revoke extension into core
  * Move oauth1 sql migrations to common
  * Move oauth1 extension into core
  * Move federation sql migrations to common
  * Move federation extension into keystone core

-------------------------------------------------------------------
Thu Nov 19 01:18:41 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev232:
  * Fix inaccurate debug mode response
  * Use unit.new_user_ref consistently
  * Add testcases to check cache invalidation in endpoint filter extension
  * Fix the wrong method name

-------------------------------------------------------------------
Wed Nov 18 01:15:09 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev224:
  * Imported Translations from Zanata
  * Updated from global requirements
  * Exclude old Shibboleth options from docs
  * Add S3 signature v4 checking

-------------------------------------------------------------------
Tue Nov 17 10:25:13 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev216:
  * Document release notes process
  * Use new_service_ref instead of manually created dict
  * Make K2K Mapping Attribute Examples more visible

-------------------------------------------------------------------
Sun Nov 15 01:15:11 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev210:
  * Updating sample configuration file
  * change some punctuation marks
  * Updated from global requirements

-------------------------------------------------------------------
Sat Nov 14 01:15:16 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev205:
  * Remove hardcoded LDAP group schema from emulated enabled mix-in
  * Updated from global requirements
  * Use new_domain_ref instead of manually created ref
  * Use new_region_ref instead of manually created dict
  * Use unit.new_group_ref consistently
  * Use unit.new_role_ref consistently
  * Move AuthContext middleware into its own file
  * Fix some nits inside validation/config.py

-------------------------------------------------------------------
Fri Nov 13 01:17:43 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev189:
  * Use unit.new_domain_ref consistently
  * Use unit.new_region_ref() consistently
  * Use unit.new_service_ref() consistently

-------------------------------------------------------------------
Thu Nov 12 03:45:58 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev186:
  * Use unit.new_endpoint_ref consistently
  * Use list_role_assignments to get assignments by role_id
  * Pass kwargs when using revoke_api.list_events()
  * Add reno for release notes management
  * Add test for security error with no message
  * Add exception unit tests with different message types
  * Create tests for set_default_is_domain in LDAP

-------------------------------------------------------------------
Tue Nov 10 03:43:16 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev172:
  * Cleanup message handling in test_exception

-------------------------------------------------------------------
Mon Nov  9 03:42:55 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev170:
  8.0.0
  * Ensure token validation works irrespective of padding
  * Show v3 endpoints in v2 endpoint list
  * Imported Translations from Zanata
  * Skip rows with empty remote_ids

-------------------------------------------------------------------
Sun Nov  8 03:42:47 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev232:
  * Add Mapping Combinations for Keystone to Keystone Federation
  * Remove manager-driver assignment metadata construct
  * [rally] remove deprecated arg

-------------------------------------------------------------------
Sat Nov  7 03:43:50 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev226:
  * Keystone Spelling Errors in docstrings and comments
  * Enable try_except_pass Bandit test

-------------------------------------------------------------------
Fri Nov  6 03:45:27 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev222:
  * Correct description in Keystone key_terms
  * Imported Translations from Zanata
  * Get user role without project id is not implemented
  * Add caching to get_catalog

-------------------------------------------------------------------
Thu Nov  5 03:43:25 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev216:
  * Capitalize a Few Words

-------------------------------------------------------------------
Wed Nov  4 03:43:57 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev214:
  * update mailmap with gyee's new email
  * Revert "Added CORS support to Keystone"
  * Updated from global requirements
  * Use assertTrue/False instead of assertEqual(T/F)
  * I18n safe exceptions

-------------------------------------------------------------------
Tue Nov  3 03:49:56 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev208:
  * test_backend_sql work with python34
  * Use assertTrue/False instead of assertEqual(T/F

-------------------------------------------------------------------
Sat Oct 31 03:44:13 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev205:
  * Fix the issues found with local conf
  * Promote an arbitrary string to be a docstring
  * Update Configuring Keystone doc for consistency

-------------------------------------------------------------------
Fri Oct 30 03:44:48 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev199:
  * Move endpoint_policy migrations into keystone core
  * Fix D204: blank line required after class docstring (PEP257)
  * Fix D202: No blank lines after function docstring (PEP257)
  * Cleanup fernet validate_v3_token

-------------------------------------------------------------------
Wed Oct 28 03:42:49 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev191:
  * Fix docstring
  * Fix D200: 1 line docstrings should fit with quotes (PEP257)
  * Includes server_default option in is_domain column

-------------------------------------------------------------------
Mon Oct 26 03:36:38 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev185:
  * Comment spelling error in assignment.core file
  * Fix exceptions to use correct titles
  * Fix UnexpectedError exceptions to use debug_message_format
  * Fix punctuation in doc strings
  * Updating sample configuration file
  * Explain default domain in docs for other services
  * Correct bashate issues in gen_pki.sh
  * Fix incorrect federated mapping example
  * change stackforge url to openstack url
  * Updated from global requirements
  * Adds already passing tests to py34 run
  * Allow the PBR_VERSION env to pass through tox
  * Fix D210: No whitespaces allowed surrounding docstring text (PEP257)
  * Fix D300: Use """triple double quotes""" (PEP257)
  * Fix D402: First line should not be the function's "signature" (PEP257)
  * Fix D208: Docstring over indented. (PEP257)
  * Add docstring validation
  * Fix fernet key writing for python 3
  * Update test modules passing on py34
  * Updated from global requirements
  * Forbid non-stripped endpoint urls
  * fix deprecation warnings in cache backends
  * Enable subprocess_without_shell_equals_true Bandit test
  * Correct typo in copyright
  * switch to oslo.cache
  * Correct the filename
  * Fix some nits in `configure_federation.rst`
  * Remove unused code in domain config checking

-------------------------------------------------------------------
Fri Oct 16 02:20:35 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev133:
  * Updated from global requirements
  * More info in RequestContext

-------------------------------------------------------------------
Thu Oct 15 21:15:09 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev129:
  * Updating sample configuration file
  * Updated from global requirements
  * keystone-paste.ini docs for deployers are out of date
  * add placeholder migrations for liberty
  * Remove bas64utils and tests
  * Create a version package
  * Refactor: Don't hard code 409 Conflict error codes
  * add initiator to v2 calls for additional auditing
  * Handle 16-char non-uuid user IDs in payload
  * Fix the referred [app:app_v3] into [pipeline:api_v3]

-------------------------------------------------------------------
Thu Oct 15 01:49:40 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev111:
  * Remove oslo.policy implementation tests from keystone

-------------------------------------------------------------------
Tue Oct 13 01:49:40 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev110:
  * Refactor: change 403 status codes in test names
  * Refactor: change 410 status codes in test names
  * Refactor: change 400 status codes in test names
  * Refactor: change 404 status codes in test names

-------------------------------------------------------------------
Sun Oct 11 00:13:47 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev102:
  * Expose 1501698 bug

-------------------------------------------------------------------
Sat Oct 10 00:13:45 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev100:
  * Updated from global requirements
  * Imported Translations from Zanata
  * Fixed missed translatable string inside exception
  * Enable password_config_option_not_marked_secret Bandit test

-------------------------------------------------------------------
Fri Oct  9 00:14:11 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev93:
  * Additional documentation for services
  * Rename fernet methods to match expiration timestamp
  * Enable hardcoded_bind_all_interfaces Bandit test
  * Reclassify get_project_by_name() controller method
  * Deprecate httpd/keystone.py
  * functional tests for keystone on subpaths
  * Document httpd for accept on /identity, /identity_admin

-------------------------------------------------------------------
Thu Oct  8 00:14:27 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev81:
  * Updated from global requirements
  * Documentation for other services
  * Trivial fix of some typos found
  * Filters is_domain=True in v2 get_project_by_name
  * Add test case passing is_domain flag as False
  * Ensure token validation works irrespective of padding
  * Rename RestfulTestCase.v3_authenticate_token() to v3_create_token()
  * Improving domain_id update tests
  * Use deepcopy of mapping fixtures in tests
  * Cleanup _build_federated_info
  * Add LimitRequestBody to sample httpd config
  * Remove unused get_user_projects()
  * Add unit test for creating RequestContext
  * Add user_domain_id, project_domain_id to auth context
  * Add user domain info to federated fernet tokens
  * Unit tests for fernet validate_v3_token
  * Correct docstrings

-------------------------------------------------------------------
Mon Oct  5 00:41:31 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev49:
  * Imported Translations from Zanata

-------------------------------------------------------------------
Sun Oct  4 00:30:36 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev48:
  * Rename RestfulTestCase.v3_authenticate_token(

-------------------------------------------------------------------
Sat Oct  3 00:30:19 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev47:
  * Enable Bandit 0.13.2 tests
  * Update bandit blacklist_imports config

-------------------------------------------------------------------
Fri Oct  2 00:33:29 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev43:
  * Replace sqlalchemy-migrate occurences from code.google to github
  * Fix unreachable code in test_v3 module
  * Show v3 endpoints in v2 endpoint list
  * Make __all__ immutable
  * Move development environment setup instructions to standard location

-------------------------------------------------------------------
Thu Oct  1 00:17:18 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev33:
  * Skip rows with empty remote_ids
  * Fix order of arguments in assertDictEqual
  * Update bandit blacklist_calls config

-------------------------------------------------------------------
Tue Sep 29 00:16:44 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev27:
  * Fix order of arguments in assertEqual
  * Adds interface tests for timeutils
  * Add unit tests for token_to_auth_context

-------------------------------------------------------------------
Sun Sep 27 00:16:18 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev21:
  * Updating sample configuration file
  * Cleanup of Translations
  * Imported Translations from Zanata
  * Uses constants for 5XX http status codes in tests
  * Fixes v3_authenticate_token calls - no default
  * Fixes the way v3_admin is called to match its def
  * Declares expected_status in method signatures
  * Refactor: Don't hard code the error code
  * Correct comment to not be driver-specific
  * Fix typo in config help

-------------------------------------------------------------------
Thu Sep 24 00:31:05 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev4:
  * Use the correct import for range

-------------------------------------------------------------------
Wed Sep 23 00:33:46 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-9.0.0.dev3:
  * Updating sample configuration file
  8.0.0.0rc1
  * Open Mitaka development
  * Bring bandit config up-to-date
  * Update the examples used for the trusted_dashboard option
  * Log message when debug is enabled
  * Clean up bandit profiles
  * federation.idp use correct subprocess
  * Imported Translations from Zanata
  * Relax newly imposed sql driver restriction for domain config
  * Add documentation for configuring IdP WebSSO

-------------------------------------------------------------------
Tue Sep 22 00:33:15 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b4.dev57:
  * Change ignore-errors to ignore_errors

-------------------------------------------------------------------
Mon Sep 21 00:29:40 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b4.dev56:
  * Updated from global requirements
  * check if tokenless auth is configured before validating
  * Updated from global requirements
  * Issue deprecation warning if domain_id not specified in create call
  * Reject rule if assertion type unset

-------------------------------------------------------------------
Thu Sep 17 00:53:05 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b4.dev48:
  * Removed the extra http:// from JSON schema link
  * Support project hierarchies in data driver tests
  * Fix logging in federation/idp.py

-------------------------------------------------------------------
Wed Sep 16 00:52:28 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b4.dev44:
  * Updated from global requirements
  * Update federation router with missing call
  * Update man pages with liberty version and dates

-------------------------------------------------------------------
Tue Sep 15 00:52:32 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b4.dev40:
  * Refactor: Don't hard code the error code
  * Move TestClient to test_versions
  * Get method's class name in a python3-compatible way
  * Use /auth/projects in tests

-------------------------------------------------------------------
Sat Sep 12 00:55:21 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b4.dev34:
  * Use oslo.log fixture
  * Remove keystone/openstack/* from coveragerc
  * Do not revoke all of a user's tokens when a role assignment is deleted
  * Handle tokens created and quickly revoked with insufficient timestamp precision
  * Show that unscoped tokens are revoked when deleting role assignments
  * Remove unnecessary load_backends from TestKeystoneTokenModel

-------------------------------------------------------------------
Wed Sep  9 23:38:28 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b4.dev27:
  * Update apache-httpd.rst
  * Updated from global requirements
  * Remove padding from Fernet tokens
  * Fixed typos in 'developing_drivers' doc
  * Build oslo.context RequestContext

-------------------------------------------------------------------
Tue Sep  8 23:38:18 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b4.dev18:
  * Imported Translations from Transifex
  * Updated from global requirements
  * Correct docstring for common.authorization

-------------------------------------------------------------------
Mon Sep  7 23:38:20 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b4.dev15:
  * Change tests to use common name for keystone.tests.unit
  * Removes py3 test import hacks

-------------------------------------------------------------------
Sun Sep  6 23:38:23 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b4.dev11:
  * Test list_role_assignment in standard inheritance tests

-------------------------------------------------------------------
Sat Sep  5 23:38:26 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b4.dev10:
  * Stop using deprecated keystoneclient function

-------------------------------------------------------------------
Fri Sep  4 23:38:23 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b4.dev9:
  * Updating sample configuration file
  * Fixes confusing deprecation message
  * Add methods for checking scoped tokens
  * Deprecate LDAP Resource Backend
  * List credentials by type
  * Fixes a typo in a comment
  * Fix grammar in doc string

-------------------------------------------------------------------
Thu Sep  3 23:38:30 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b4.dev1:
  8.0.0.0b3
  * Added CORS support to Keystone
  * Tokenless authz with X.509 SSL client certificate
  * Stable Keystone Driver Interfaces
  * Initial support for versioned driver classes
  * Add federated auth for idp specific websso
  * Broaden domain-group testing of list_role_assignments
  * Add support for group membership to data driven assignment tests
  * Add support for effective & inherited mode in data driven tests
  * Change JSON Home for OS-FEDERATION to use /auth/projects|domains
  * Provide new_xyz_ref functions in tests.core
  * Correct docstrings in resource/core.py
  * Stop reading local config for domain-specific SQL config driver

-------------------------------------------------------------------
Wed Sep  2 23:38:17 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev232:
  * Adds caching to paste deploy's egg lookup
  * Validate Mapped User object

-------------------------------------------------------------------
Wed Sep  2 13:02:11 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev228:
  * Add support for data-driven backend assignment testing

-------------------------------------------------------------------
Tue Sep  1 23:38:22 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev226:
  * Updated from global requirements
  * Unit tests for is_domain field in project's table
  * Group tox optional dependencies

-------------------------------------------------------------------
Mon Aug 31 11:17:06 UTC 2015 -  tbechtold@suse.com

- Update to version keystone-8.0.0.0b3.dev220:
  * Refactor mapping rule engine tests to not create servers
  * Updating sample configuration file
  * Set max on max_password_length to passlib max
  * Simplify federated_domain_name processing
  * Enforce .config_overrides is called exactly once
  * Rationalize unfiltered list role assignment test
  * Change mongodb extras to lowercase
  * Refactor: Provider._rebuild_federated_info()
  * Refactor: rename Fernet's unscoped federated payload
  * Fernet payloads for federated scoped tokens
  * Prevent exception due to missing id of LDAP entity
  * Expose exception due to missing id of LDAP entity
  * Remove references to keystone.openstack.common
  * Use entrypoints for paste middleware and apps
  * update links in http-api to point to specs repo
  * Prevent exception for invalidly encoded parameters
  * Use wsgi_scripts to create admin and public httpd files
  * Simplify rule in sample v3 policy file
  * When validating a V3 token as V2, use the v3_to_v2 conversion
  * Sample config help for supplied drivers
  * Update docs for stevedore drivers

-------------------------------------------------------------------
Wed Aug 26 23:38:27 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev177:
  * No More .reload_backends() or .reload_backend()
  * Ensure ephemeral user's user_id is url-safe
  * Use min and max on IntOpt option types
  * Adds a notification testcase for unbound methods
  * Update Httpd configuration docs for sites-available/enabled
  * Creates a fixture representing as LDAP database

-------------------------------------------------------------------
Tue Aug 25 23:38:15 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev165:
  * Remove all traces of oslo incubator
  * Refactor: use fixtures.TempDir more
  * Adds backend check to setup of LDAP tests

-------------------------------------------------------------------
Mon Aug 24 23:38:17 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev159:
  * Remove deprecated methods from assignment.Manager
  * Stop using deprecated assignment manager methods

-------------------------------------------------------------------
Sat Aug 22 23:38:27 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev155:
  * Add testcase to test invalid region id in request
  * Add region_id filter for List Endpoints API

-------------------------------------------------------------------
Fri Aug 21 23:38:13 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev151:
  * Add necessary executable permission
  * Update 'doc/source/setup.rst'
  * Enhance tests for saml2 signing exception logging

-------------------------------------------------------------------
Thu Aug 20 23:38:30 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev145:
  * Updating sample configuration file
  * Test v2 tokens being deleted by v3
  * Add is_domain field in Project Table

-------------------------------------------------------------------
Wed Aug 19 00:00:29 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev140:
  * Extras for bandit
  * Use extras for memcache and MongoDB packages
  * Remove unnecessary check
  * Updated from global requirements
  * Show helpful message when request body is not provided
  * Do not require the token_id for converting v3 to v2 tokens
  * Maintain the expiry of v2 fernet tokens

-------------------------------------------------------------------
Mon Aug 17 23:59:01 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev127:
  * EndpointFilter driver doesnt inherit its interface

-------------------------------------------------------------------
Sun Aug 16 23:57:44 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev125:
  * Imported Translations from Transifex
  * Updated from global requirements

-------------------------------------------------------------------
Sat Aug 15 23:57:51 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev122:
  * Hardens the validated decorator's implementation
  * Maintain datatypes when loading configs from DB

-------------------------------------------------------------------
Fri Aug 14 23:57:44 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev118:
  * Updating sample configuration file
  * Improve a few random docstrings
  * Remove "tenants" from user_attribute_ignore default
  * Updated from global requirements
  * Fix the misspelling
  * Fix typo in doc-string

-------------------------------------------------------------------
Thu Aug 13 23:58:37 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev108:
  * Validate domain ownership for v2 tokens
  * Fix docstring in mapped plugin
  * Updated from global requirements
  * Improve List Role Assignments Filters Performance
  * Give some message when an invalid token is in use

-------------------------------------------------------------------
Tue Aug 11 00:13:34 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev98:
  * Updated from global requirements
  * Fixes an incorrect docstring in notifications
  * Improve a few random docstrings (H405)
  * Correct enabled emulation query to request no attributes

-------------------------------------------------------------------
Mon Aug 10 00:13:47 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev91:
  * Minor grammar fixes to connection pooling section
  * Stop calling deprecated assignment manager methods

-------------------------------------------------------------------
Sun Aug  9 00:13:51 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev88:
  * Updated from global requirements
  * Updating sample configuration file
  * Remove reference of old endpoint_policy in paste file

-------------------------------------------------------------------
Sat Aug  8 00:14:17 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev84:
  * Remove excessive transformation to list
  * Stop calling deprecated assignment manager methods
  * Fernet 'expires' value loses 'ms' after validation
  * NotificationsTestCase running in isolation
  * Adds/updates notifications test cases
  * Fix duplicate-key pylint issue
  * Fix explicit line joining with backslash
  * Fixes an issue with data ordering in the tests
  * Imported Translations from Transifex
  * Allow Domain Admin to get domain details
  * Assignment driver cleaning
  * Cleanup tearDown in unit tests
  * Remove unnecessary check from notifications.py
  * Remove oslo import hacking check
  * Use extras for ldap dependencies
  * Test to ensure fernet key rotation results in new key sets
  * Document default value for tree_dn options
  * Register fatal_deprecations before use
  * Remove unused setUp for RevokeTests
  * Remove unnecessary code for default suffix

-------------------------------------------------------------------
Fri Aug  7 00:13:46 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev50:
  * Imported Translations from Transifex
  * Fix unbound error in federation _sign_assertion
  * Fix typos of RoleAssignmentV3._format_entity doc
  * Document policy target for operation
  * Remove unnecessary ldap imports
  * Disable migration sanity check

-------------------------------------------------------------------
Thu Aug  6 00:14:38 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev41:
  * Updated from global requirements
  * Use dict.items() rather than six.iteritems()
  * Better error message when unable to map user

-------------------------------------------------------------------
Wed Aug  5 00:14:26 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev35:
  * Updating sample configuration file
  * Cleanup use of iteritems
  * Missing ADMIN_USER in sample_data.sh
  * Update exported variables for openstack client
  * Add better user feedback when bind is not implemented
  * Refactor _populate_roles_for_groups()
  * Refactor: clean up TokenAPITests
  * Fix test_utils for py34
  * Clean up code to use .items()
  * Clean up notifications type checking

-------------------------------------------------------------------
Mon Aug  3 00:14:30 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev20:
  * Add groups in scoped federated tokens

-------------------------------------------------------------------
Sun Aug  2 00:14:04 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev18:
  * Imported Translations from Transifex
  * Reject create endpoint with invalid urls
  * Reduce number of Fernet log messages

-------------------------------------------------------------------
Sat Aug  1 00:14:56 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev12:
  * Adds missing list_endpoints tests
  * Explain the "or None" on eventlet's client_socket_timeout
  * Fix test_admin to expect admin endpoint
  * Fixes a docstring to reflect actual return values
  * pemutils isn't used anymore
  * Adds proper isolation to templated catalog tests

-------------------------------------------------------------------
Fri Jul 31 12:42:37 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b3.dev2:
  * Handle non-numeric files in key_repository

-------------------------------------------------------------------
Thu Jul 30 19:16:10 UTC 2015 -  tbechtold@suse.com

- Update to version keystone-8.0.0.0b3.dev1:
  8.0.0.0b2
  * Updated from global requirements
  * Ensure database options registered for tests
  * Document sample config updated automatically

-------------------------------------------------------------------
Thu Jul 30 00:12:33 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev172:
  * Test function call result, not function object
  * Test admin app in test_admin_version_v3
  * Fix remaining mention of KLWT
  * Replace 401 to 404 when token is invalid
  * Assign different values to public and admin ports
  * Reuse token_ref fetched in AuthContextMiddleware

-------------------------------------------------------------------
Wed Jul 29 05:02:53 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev160:
  * Updating sample configuration file
  * Updated from global requirements
  * add federation docs for mod_auth_mellon

-------------------------------------------------------------------
Sat Jul 25 00:12:37 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev156:
  * Fix four typos and Add one space on keystone document
  * Imported Translations from Transifex
  * Fix test_exception.py for py34
  * Fix s3.core for py34
  * test_base64utils works with py34
  * Docs link to ACTIONS
  * Moves keystone.hacking into keystone.tests
  * Add missing "raise" when throwing exception

-------------------------------------------------------------------
Fri Jul 24 00:15:28 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev141:
  * Updating sample configuration file
  * Minor fix in the `configuration.rst`
  * Correct spacing in ``mapping_combinations.rst``
  * Adding Documentation for Mapping Combinations
  * Clean up docs before creating new ones
  * Fix docs in federation.routers
  * Refactor websso ``origin`` validation
  * Move backends.py to keystone.server
  * move clean.py into keystone/common
  * Move cli.py into keystone.cmd
  * Implement backend filtering on membership queries

-------------------------------------------------------------------
Wed Jul 22 16:23:55 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev119:
  * Avoid the hard coding of admin token

-------------------------------------------------------------------
Wed Jul 22 01:06:03 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev118:
  * Fix docstrings in contrib
  * Additional Fernet test coverage
  * Fix for LDAP filter on group search by name

-------------------------------------------------------------------
Tue Jul 21 00:42:15 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev112:
  * Updated from global requirements
  * Document use of wip up to developer

-------------------------------------------------------------------
Mon Jul 20 00:40:40 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev108:
  * Remove unnecessary executable permission

-------------------------------------------------------------------
Sun Jul 19 00:38:41 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev107:
  * Do not remove expired revocation events on "get"
  * Federation API provides method to evaluate rules
  * Move constants out of federation.core
  * Deprecate LDAP assignment driver options

-------------------------------------------------------------------
Sat Jul 18 00:37:41 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev99:
  * Log xmlsec1 output if it fails
  * Fix test method examining scoped federation tokens
  * Spelling correction
  * Fixes grammar in setup.rst in doc source
  * Updated from global requirements
  * Use oslo.utils instead of home brewed tempfile
  * Standardize documentation at Service Managers
  * Switch from MySQL-python to PyMySQL

-------------------------------------------------------------------
Wed Jul 15 00:41:41 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev85:
  * Updating sample configuration file
  * Add testcases for list_role_assignments of v3 domains
  * Centralizing build_role_assignment_* functions

-------------------------------------------------------------------
Tue Jul 14 00:41:41 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev79:
  * Replace reference of ksc with osc
  * Mask passwords in debug log on user password operations

-------------------------------------------------------------------
Mon Jul 13 00:39:29 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev77:
  * Updated from global requirements

-------------------------------------------------------------------
Sun Jul 12 00:41:00 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev76:
  * Changing exception type to ValidationError instead of Forbidden
  * Removed optional dependency support

-------------------------------------------------------------------
Sat Jul 11 00:41:01 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev72:
  * Fixes grammar in the httpd README
  * Imported Translations from Transifex
  * Fixes docstring to make it more precise
  * Decouple notifications from DI
  * Fix log message in one of the v3 create call methods
  * Simplify fernet rotation code
  * Tests for correct key removed
  * Add test showing password logged
  * Add more Rally scenarios

-------------------------------------------------------------------
Fri Jul 10 00:41:02 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev57:
  * Fix the incorrect format for docstring

-------------------------------------------------------------------
Thu Jul  9 11:59:47 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev56:
  * Catch exception.Unauthorized when checking for admin
  * Remove convert_to_sqlite.sh
  * Remove fileutils from oslo-incubator
  * Remove comment for doc building bug 1260495
  * Fix code-block in federation documentation
  * Modified command used to run keystone-all
  * Delete extra parentheses in assertEqual message
  * Fix the invalid testcase
  * Updating sample configuration file
  * Add unit test for fernet provider
  * Update federation docstring
  * Do not specify 'objectClass' twice in LDAP filter string
  * Fix tox -e py34
  * Change mapping model so rules is dict
  * Add test case for deleting endpoint with space in url
  * Update requirements by hand
  * Group role revocation invalidates all user tokens
  * Adds some debugging statements

-------------------------------------------------------------------
Thu Jul  2 00:40:33 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev21:
  * Consolidate the fernet provider issue_v3_token()
  * OS-FEDERATION no longer extension in docs

-------------------------------------------------------------------
Wed Jul  1 00:40:12 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev17:
  * Switch from deprecated oslo_utils.timeutils.strtime
  * Update MANIFEST.in

-------------------------------------------------------------------
Tue Jun 30 00:25:48 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev14:
  * Use oslo.service ServiceBase when loading from eventlet
  * Relax the formats of accepted mapping rules for keystone-manage

-------------------------------------------------------------------
Sun Jun 28 00:27:14 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev10:
  * Update sample config file
  * Updated from global requirements

-------------------------------------------------------------------
Sat Jun 27 00:27:25 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev7:
  * Switch to oslo.service
  * Update sample configuration file
  * Don't try to drop FK constraints for sqlite

-------------------------------------------------------------------
Thu Jun 25 00:31:34 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0b2.dev4:
  * Python 3: Use range instead of xrange for py3 compatibility
  8.0.0.0b1
  * Document entrypoint namespaces
  * Short names for auth plugins

-------------------------------------------------------------------
Wed Jun 24 00:31:50 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0a1.dev20:
  * Use stevedore for auth drivers

-------------------------------------------------------------------
Tue Jun 23 00:33:15 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0a1.dev18:
  * Update sample configuration file
  * Remove unused requirements
  * Add missing keystone-manage commands to doc
  * Refactor extract function load_auth_method
  * Add unit test to exercise key rotation
  * Fix Fernet key rotation

-------------------------------------------------------------------
Mon Jun 22 00:35:06 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0a1.dev6:
  * Remove redundant config

-------------------------------------------------------------------
Sat Jun 20 00:36:38 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0a1.dev4:
  * Imported Translations from Transifex

-------------------------------------------------------------------
Fri Jun 19 00:34:23 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-8.0.0.0a1.dev3:
  * Update version for Liberty
  8.0.0a0
  * Fix tests failing on slower system

-------------------------------------------------------------------
Wed Jun 17 00:55:55 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev231:
  * Refactor: move PKI-specific tests into the appropriate class
  * Needn't load fernet keys twice
  * Pass environment variables of proxy to tox

-------------------------------------------------------------------
Tue Jun 16 00:53:59 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev225:
  * Mapping Engine CLI

-------------------------------------------------------------------
Fri Jun 12 02:12:50 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev223:
  * Imported Translations from Transifex
  * Add validity check of 'expires_at' in trust creation

-------------------------------------------------------------------
Thu Jun 11 07:11:43 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev220:
  * Fix spelling in configuration comment
  * Switch keystone over to oslo_log versionutils
  * Updated from global requirements
  * Use lower default value for sha512_crypt rounds
  * Updated from global requirements
  * Remove unnecessary dependencies from KerberosDomain
  * Remove deprecated external authentication plugins
  * Avoid using the interactive interpreter for a one-liner
  * Revocation engine refactoring
  * Add testcases to test DefaultDomain
  * Remove identity_api from AuthInfo dependencies
  * Fix sample policy to allow user to check own token
  2015.1.0
  * Sync oslo-incubator Ie51669bd278288b768311ddf56ad31a2f28cc7ab
  * Updated from global requirements
  * Release Import of Translations from Transifex
  * Make memcache client reusable across threads
  * Set default branch to stable/kilo
  * backend_argument should be marked secret
  * Update man pages for the Kilo release
  * make sure we properly initialize the backends before using the drivers
  * WebSSO should use remote_id_attribute by protocol
  * Work with pymongo 3.0
  2014.2

-------------------------------------------------------------------
Mon Jun  8 00:22:54 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev275:
  * Rename directory with rally jobs files
  * Refactor: use __getitem__ when the key will exists
  * Refactor: create the lookup object once

-------------------------------------------------------------------
Sun Jun  7 00:24:07 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev269:
  * Remove custom assertions for python2.6
  * Fix req.environ[SCRIPT_NAME] value

-------------------------------------------------------------------
Sat Jun  6 00:23:24 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev265:
  * Updated from global requirements
  * Order routes so most frequent requests are first

-------------------------------------------------------------------
Fri Jun  5 00:23:21 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev262:
  * Don't query db if criteria longer than col length
  * Run WSGI with group=keystone
  * Fix the wrong order of parameters when using assertEqual
  * Remove the deprecated ec2 token middleware
  * Replace blacklist_functions with blacklist_calls
  * Rename driver to backend and fix the inaccurate docstring

-------------------------------------------------------------------
Thu Jun  4 00:23:05 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev250:
  * Updated from global requirements
  * Consolidate test-requirements files
  * Switch from deprecated isotime
  * Update access control configuration in httpd config

-------------------------------------------------------------------
Wed Jun  3 00:22:49 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev245:
  * Improve error message when tenant ID does not exist
  * Adds inherited column to RoleAssignment PK

-------------------------------------------------------------------
Tue Jun  2 00:23:27 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev241:
  * updates sample_data script to use the new openstack commands
  * Log info for Fernet tokens over 255 chars

-------------------------------------------------------------------
Mon Jun  1 00:22:39 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev237:
  * Update functional tox env requirements
  * Update sample config file
  * Correct oauth1 driver help text
  * Add "enabled" to create service provider example
  * Removes unused database setup code
  * Sync oslo-incubator cc19617

-------------------------------------------------------------------
Sun May 31 00:22:55 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev227:
  * Update testing keystone2keystone doc
  * `api_curl_examples.rst` is out of date
  * Don't assume project IDs are UUID format
  * Don't assume group IDs are UUID format
  * Remove randomness from test_client_socket_timeout

-------------------------------------------------------------------
Fri May 29 00:23:12 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev219:
  * Don't fail on converting user ids to bytes

-------------------------------------------------------------------
Thu May 28 02:32:40 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev217:
  * Move endpoint policy into keystone core
  * Update dev setup requirements for Python 3.4

-------------------------------------------------------------------
Tue May 26 02:34:06 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev213:
  * Tests don't override default auth methods/plugins
  * Tests consistently use auth_plugin_config_override
  * Test use config_overrides for configs
  * Correct tests setting auth methods to a non-list
  * Use single connection in get_all function

-------------------------------------------------------------------
Sat May 23 02:30:40 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev203:
  * Update sample config file
  * Make sure LDAP filter is constructed correctly

-------------------------------------------------------------------
Fri May 22 02:28:36 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev200:
  * basestring no longer exists in Python3
  * Add mocking for memcache for Python3 tests
  * Fix xmldsig import
  * Refactor deprecations tests
  * Remove the deprecated compute_port option
  * Removes temporary fix for doc generation
  * Fixes deprecations test for Python3
  * Revert "Loosen validation on matching trusted dashboard"
  * Implement validation on the Identity V3 API

-------------------------------------------------------------------
Wed May 20 00:07:54 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev182:
  * Improve websso documentation
  * Workflow documentation is now in infra-manual

-------------------------------------------------------------------
Sun May 17 00:06:40 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev178:
  * Remove XML middleware stub
  * Replace ci.o.o links with docs.o.o/infra

-------------------------------------------------------------------
Sat May 16 00:03:28 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev174:
  * Rename sample_config to genconfig
  * Imported Translations from Transifex

-------------------------------------------------------------------
Thu May 14 23:58:55 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev171:
  * Move bandit requirement to test-requirements-bandit.txt

-------------------------------------------------------------------
Tue May 12 23:58:23 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev169:
  * Updated from global requirements
  * Add missing part for `token` object
  * Remove support for loading auth plugin by class

-------------------------------------------------------------------
Mon May 11 23:58:30 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev164:
  * Update sample config file
  * Use [] where a value is required
  * De-duplicate auth methods
  * Remove unnecessary oauth_api check
  * Use short names for drivers
  * Add mocking for ldappool for Python3 tests
  * Fixes a whitespace issue
  * Handles modules that moved in Python3
  * Handles Python3 builtin changes
  * Use stevedore for backend drivers

-------------------------------------------------------------------
Sun May 10 23:58:17 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev144:
  * Replace github reference by git.openstack.org and change a doc link
  * Refactor _create_attribute_statement IdP method
  * Updated from global requirements

-------------------------------------------------------------------
Fri May  8 23:58:26 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev138:
  * Fixes use of dict methods for Python3

-------------------------------------------------------------------
Thu May  7 02:07:04 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev137:
  * Updated from global requirements
  * Use correct LOG translation indicator for errors

-------------------------------------------------------------------
Wed May  6 09:38:45 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev133:
  * Add openstack_user_domain to assertion

-------------------------------------------------------------------
Wed May  6 02:11:45 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev131:
  * Fixes test nits from a previous review

-------------------------------------------------------------------
Tue May  5 14:11:14 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev129:
  * Pass-in domain when testing saml signing

-------------------------------------------------------------------
Sat May  2 01:34:20 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.0.dev128:
  * Fixes tests to use the config fixture

-------------------------------------------------------------------
Fri May  1 01:33:23 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev150:
  * Fix tiny typo in comment message
  * Updates the *py3 requirements files
  * Add openstack_project_domain to assertion
  * Prohibit invalid ids in subtree and parents list

-------------------------------------------------------------------
Thu Apr 30 01:31:25 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev143:
  * Fixes mocking of oslo messaging for Python3
  * pycadf now supports Python3
  * eventlet now supports Python3
  * Updated from global requirements
  * Update sample config
  * Allow wsgiref to reconstruct URIs per the WSGI spec
  * Refactor assignment driver internal clean-up method names

-------------------------------------------------------------------
Tue Apr 28 01:33:21 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev130:
  * Updated from global requirements

-------------------------------------------------------------------
Mon Apr 27 10:01:17 UTC 2015 -  tbechtold@suse.com

- Update to version keystone-2015.2.dev128:
  * Replaced filter with a list comprehension
  * Ignore multiple imports per line for six.moves
  * Fixes order of imports for pep8
  * pep8 whitespace changes
  * Fix the misuse of `versionutils.deprecated`
  * Update openid connect docs to include other distros
  * Updated from global requirements
  * Remove pysqlite test-requirement dependency
  * Isolate injection tests
  * Sync oslo-incubator Ie51669bd278288b768311ddf56ad31a2f28cc7ab
  * Fixes cyclic ref detection in project subtree
  * Remove project association before removing endpoint group
  * Add domain_id checking in create_project
  * Refactor common function for loading drivers
  * Tests don't override default config with default
  * Entrypoints for commands
  * Add fernet to test_supported_token_providers
  * Tests use Database fixture
  * Correct path in request logging
  * Correct request logging query parameters separator
  * Eventlet green threads not released back to pool
  * Cleanup test keeping unnecessary fixture references
  * Fixes the SQL model tests

-------------------------------------------------------------------
Wed Apr 22 01:14:01 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev84:
  * Updated from global requirements
  * Imported Translations from Transifex
  * Loosen validation on matching trusted dashboard
  * adds a tox target for functional tests
  * Adds an initial functional test
  * Update developer doc to reference Ubuntu 14
  * Move common checks into base testcase

-------------------------------------------------------------------
Mon Apr 20 01:13:27 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev70:
  * Fix the incorrect comment
  * Update Get API version Curl example

-------------------------------------------------------------------
Sun Apr 19 01:33:35 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev66:
  * Stops injecting revoke_api into TestCase
  * Update keystone.sample.conf
  * Use choices in config.py
  * remove useless nocatalog tests of endpoint_filter
  * Refactor: extract and rename unique_id method
  * Add test to list projects by the parent_id

-------------------------------------------------------------------
Sat Apr 18 01:14:20 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev54:
  * Remove assigned protocol before removing IdP
  * Expose domain_name in the context for policy.json
  * Make memcache client reusable across threads
  * Remove unused policy rule for get_trust

-------------------------------------------------------------------
Fri Apr 17 00:13:52 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev46:
  * Use correct LOG translation indicator for warnings
  * Don't provide backends from __all__ in persistence
  * Fix index name the assignment.actor_id table
  * Refactor sql filter code for clarity

-------------------------------------------------------------------
Thu Apr 16 00:13:57 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev38:
  * Fix incorrect setting in WebSSO documentation
  * Exposes bug on role assignments creation
  * Redundant events on group grant revocation

-------------------------------------------------------------------
Wed Apr 15 00:14:51 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev33:
  * Checking if Trust exists should be DRY
  * Add routing for list_endpoint_groups_for_project

-------------------------------------------------------------------
Tue Apr 14 00:13:27 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev29:
  * backend_argument should be marked secret
  * Fix signed_saml2_assertion.xml tests fixture
  * Removes discover from test-reqs

-------------------------------------------------------------------
Sun Apr 12 00:15:02 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev23:
  * Refactor MemcachedBackend to not be a Manager

-------------------------------------------------------------------
Sat Apr 11 00:15:25 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev21:
  * Tests use common base class
  * Mark some strings for translation

-------------------------------------------------------------------
Fri Apr 10 00:15:08 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev17:
  * make sure we properly initialize the backends before using the drivers
  * WebSSO should use remote_id_attribute by protocol
  * Update openstack-common reference in openstack/common/README
  * Update testing docs

-------------------------------------------------------------------
Thu Apr  9 00:12:30 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev9:
  * Work with pymongo 3.0
  * Update man pages for the Kilo release
  * Add placeholders for reserved migrations
  * Tox env for Bandit

-------------------------------------------------------------------
Wed Apr  8 00:14:43 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.2.dev2:
  2015.1.0rc1
  * Open Liberty development
  * Improved policy setting in the 'v3 filter' tests
  * Handle NULL value for service.extra in migration 066
  * Skip SSL tests because some platforms do not enable SSLv3
  * Add index to the revocation_event.revoked_at
  * Fix for notifications for v2 role grant/delete

-------------------------------------------------------------------
Tue Apr  7 00:13:25 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev143:
  * Fix the typo in `token/providers/fernet/core.py`
  * Document websso setup
  * Don't add unformatted project-specific endpoints to catalog

-------------------------------------------------------------------
Sun Apr  5 00:14:00 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev138:
  * Allow identity provider to be created with remote_ids set to None
  * Fix multiple SQL backend usage validation error
  * Expose multiple SQL backend usage validation error

-------------------------------------------------------------------
Sat Apr  4 00:13:24 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev133:
  * Import fernet providers only if used in keystone-manage
  * Imported Translations from Transifex
  * Update sample config file
  * Fix errors in ec2 signature logic checking
  * Fixes bug in Federation list projects endpoint
  * Exposes bug in Federation list projects endpoint
  * Cleanup use of .driver
  * Fix setting default log levels

-------------------------------------------------------------------
Fri Apr  3 00:13:41 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev117:
  * Reload drivers when their domain config is updated
  * Correcting the name of directory holding dev docs
  * Updated from global requirements
  * Remove unnecessary .driver. references in assignment manager
  * Rename notification for create/delete grants
  * Drop sql.transaction() usage in migration
  * Update configuration documentation for domain config
  * Fix for migration 062 on MySQL
  * Bump advertised API version to 3.4
  * Deprecate eventlet config options
  * More content in the guide for core components' migration

-------------------------------------------------------------------
Mon Mar 30 10:39:18 UTC 2015 - rsalevsky@suse.com

- Update to version keystone-2015.1.dev96:
  * Extract response headers to private method
  * Imported Translations from Transifex
  * Add API to create ecp wrapped saml assertion
  * Add relay_state_prefix to Service Provider
  * Change the way values are migrated for 007_add_remote_id_table
  * Use ORM in upgrade test instead of manual query construction
  * Remove empty request bodies
  * Remove unnecessary import that was not checked
  * IdP ID registration and validation
  * Imported Translations from Transifex
  * add test of /v3/auth/catalog for endpoint_filter
  * Make trust manager raise formatted message exception
  * Revert "Document mapping of policy action to operation"
  * Remove SQL Downgrades
  * Add caching to getting of the fully substituted domain config
  * Refactor _create_projects_hierarchy in tests
  * Fixes bug when getting hierarchy on Project API
  * Exposes bug when getting hierarchy on Project API
  * use tokens returned by delete_tokens to invalidate cache
  * Loosen the validation schema used for trustee/trustor ids
  * region.description is optional and can be null
  * Document mapping of policy action to operation
  * Update install.rst for Fedora
  * Update sample config file
  * Remove parent_id in v2 tenant response
  * create _member_ role as specified in CONF
  * Fix sample policy to allow user to revoke own token
  * Add unit tests for sample policy token operations
  * Fix up token provider help text
  * Remove parent_id in v2 token response

-------------------------------------------------------------------
Thu Mar 19 12:55:54 UTC 2015 - rsalevsky@suse.com

- Update to version keystone-2015.1.dev497:
  * Needn't workaround when invoking `app.request()` 2015.1.0b3
  * Imported Translations from Transifex
  * Update sample httpd config file
  * Cleanup Fernet testcases and add comments
  * Fix nullable constraints in service provider table
  * Adds test for federation mapping list order issues
  * Updated from global requirements
  * Prefer . to setattr()/getattr()
  * Support upload domain config files to database
  * Update Apache httpd config docs for token persistence
  * Add inline comment and docstrings fixes for Fernet
  * Move backend LDAP role testing to the new backend testing module
  * URL quote Fernet tokens
  * Use existing token test for Fernet tokens
  * Implement Fernet tokens for v2.0 tokens
  * remove expected backtrace from logs
  * Log when no external auth plugin registered
  * Enable sensitive substitutions into whitelisted domain configs
  * Imported Translations from Transifex
  * Create a fixture for key repository
  * Ignore unknown groups in lists for Federation
  * Remove RestfulTestCase.admin_request
  * Remove SSL configuration instructions from HTTPd docs
  * Wrap apache-httpd.rst
  * Remove fix for migration 37
  * Cleanup for credentials schema test
  * Build domain scope for Fernet tokens
  * Mark the domain config API as experimental
  * Imported Translations from Transifex
  * Allow methods to be carried in Fernet tokens
  * Federated token formatter
  * Refactor: make Fernet token creation/validation API agnostic
  * Convert audit_ids to bytes
  * Drop Fernet token prefixes & add domain-scoped Fernet tokens
  * Add JSON schema validation for service providers
  * Implements whitelist and blacklist mapping rules
  * Adding utf8 to federation tables
  * Abstract the direct map concept into an object

-------------------------------------------------------------------
Sat Feb 14 01:20:05 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev102:
  * Cleanup tests to not set multiple workers
  * Use subunit-trace from tempest-lib
  * Log exceptions safely
  * Imported Translations from Transifex
  * Refactor _send_audit_notification
  * Updated from global requirements
  * Remove excess brackets in exception creation
  * Update policy doc to use new rule format
  * remove the unused variables in indentity/core.py
  * make federation part of keystone core
  * Small cleanup of cloudsample policy
  * Fix error message on check on RoleV3
  * Improve creation of expected assignments in tests
  * Add a check to see if a federation token is being used for v2 auth
  * Adds a fork of python-ldap for Py3 testing
  * Updates Python3 requirements
  * Add local rules in the federation mapping tests
  * Don't try to convert LDAP attributes to boolean
  * Add schema for endpoint group
  * Don't coerce port config values
  * Add new "RoleAssignment" exception
  * Fix evaluation logic of federation mapping rules
  * Minor fix in RestfulTestCase
  * Remove unused testscenarios requirement
  * Integrate logging with the warnings module

-------------------------------------------------------------------
Fri Feb 13 01:18:53 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev53:
  * fix assertTableColumns
  * Imported Translations from Transifex
  * Sync with oslo-incubator

-------------------------------------------------------------------
Thu Feb 12 01:19:43 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev47:
  * Split the assignments controller
  * log wsgi requests at INFO level

-------------------------------------------------------------------
Wed Feb 11 01:19:27 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev43:
  * Use _VersionsEqual for a few more version tests
  * Remove test PYTHONHASHSEED setting
  * Correct version tests for result ordering
  * Correct a v3 auth test for result ordering
  * Correct catalog response checker for result ordering
  * Correct test_get_v3_catalog test for result ordering
  * Correct test_auth_unscoped_token_project for result ordering
  * Fix the syntax issue on creating table `endpoint_group`
  * Change hacking check to verify all oslo imports
  * Change oslo.i18n to oslo_i18n
  * Change oslo.config to oslo_config
  * Change oslo.db to oslo_db
  * Remove XMLEquals from tests
  * Remove unused test case
  * Change oslo.messaging to oslo_messaging
  * Deprecate LDAP Assignment Backend
  * Fix downgrade test for migration 61 on non-sqlite

-------------------------------------------------------------------
Tue Feb 10 01:23:51 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev10:
  * Make identity id mapping handle unicode
  * Improve testing of unicode id mapping
  * Change oslo.serialization to oslo_serialization

-------------------------------------------------------------------
Sun Feb  8 01:43:39 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev6:
  * Imported Translations from Transifex

-------------------------------------------------------------------
Sat Feb  7 01:42:55 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev5:
  * Fix race on default role creation
  * Imported Translations from Transifex

-------------------------------------------------------------------
Fri Feb  6 01:45:26 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev3:
  * Unscoped to Scoped only
  * Refactor federation SQL backend
  2015.1.0b2
  * Handle SSL termination proxies for version list

-------------------------------------------------------------------
Thu Feb  5 01:34:08 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev214:
  * Set initiators ID to user_id
  * Updated from global requirements
  * Adds a wip decorator for tests

-------------------------------------------------------------------
Wed Feb  4 01:46:47 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev209:
  * Imported Translations from Transifex
  * Update federation config to use Service Providers
  * Drop URL field from region table
  * Create K2K SAML assertion from Service Provider
  * Service Providers API for OS-FEDERATION
  * Implements subtree_as_ids query param
  * Refactor role assignment assertions
  * Remove local conf information from paste-ini
  * Explicit Unscoped
  * Remove TODO comment which has been addressed
  * Refactor keystone-all and http/keystone
  * Add positive test case for content types
  * add circular check when updating region
  * fix the wrong update logic of catalog kvs driver

-------------------------------------------------------------------
Tue Feb  3 01:46:02 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev181:
  * Fixes 'OS-INHERIT:inherited_to' info in tests
  * During authentication validate if IdP is enabled
  * Fix typo in Patch #142743
  * Implements parents_as_ids query param
  * Multiple IDP authentication URL
  * Change oslo.utils to oslo_utils
  * Imported Translations from Transifex
  * Regenerate sample config file
  * Make unit tests call the new resource manager
  * Make controllers and managers reference new resource manager
  * Remove unused pointer to assignment in identity driver
  * Move projects and domains to their own backend
  * Make role manager refer to role cache config options
  * Documentation fix for Keystone Architecture
  * Imported Translations from Transifex
  * Fix up _ldap_res_to_model for ldap identity backend
  * Use RequestBodySizeLimiter from oslo.middleware
  * Remove list_user_projects method from assignment
  * Remove unnecessary code block of exception handling
  * do parameter check before updating endpoint_group

-------------------------------------------------------------------
Thu Jan 29 01:01:24 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev144:
  * remove invalid note
  * Move test_utils to keystone/tests/unit/

-------------------------------------------------------------------
Wed Jan 28 01:03:05 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev140:
  * Add library oslo.concurrency in config-generator config file
  * Updated from global requirements
  * fix test_ec2_list_credentials
  * Assignment sql backend create_grant refactoring
  * Fix incorrect session usage in tests
  * Change /POST to /ECP at federation config

-------------------------------------------------------------------
Tue Jan 27 01:00:12 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev129:
  * Updated from global requirements

-------------------------------------------------------------------
Sun Jan 25 00:59:57 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev128:
  * Updated from global requirements

-------------------------------------------------------------------
Thu Jan 22 01:00:07 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev127:
  * Correct comment about circular dependency
  * Refactor assignment manager/driver methods

-------------------------------------------------------------------
Wed Jan 21 01:01:44 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev123:
  * Updated from global requirements

-------------------------------------------------------------------
Mon Jan 19 01:00:57 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev122:
  * Imported Translations from Transifex
  * Identify groups by name/domain in mapping rules
  * correct the help text of os_inherit
  * invalidate cache when updating catalog objects

-------------------------------------------------------------------
Sat Jan 17 01:00:58 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev115:
  * Updated from global requirements
  * Move sql specific filter test code into test_backend_sql
  * Fix migration 42 downgrade

-------------------------------------------------------------------
Fri Jan 16 01:01:10 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev110:
  * Fix incorrect filter test name
  * Update the keystone sample config
  * Scope federated token with 'token' identity method
  * Make unit tests call the new, split out, role manager
  * Make controllers call the new, split out, role manager
  * Correct doc string for grant driver methods
  * Split roles into their own backend within assignments
  * Fix transaction issue in migration 44 downgrade

-------------------------------------------------------------------
Thu Jan 15 01:00:47 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev94:
  * Update Inherited Role Assignment Extension section
  * Limit lines length on configuration doc
  * Fixes spacing in sentences on configuration doc
  * Fixes several typos on configuration doc
  * Trust redelegation
  * add missing parent_id parameter check in project schema
  * Updated from global requirements
  * Correct failures for H238
  * Move to hacking 0.10
  * Always return the service name in the catalog

-------------------------------------------------------------------
Wed Jan 14 00:59:03 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev74:
  * Additional test coverage for password changes

-------------------------------------------------------------------
Mon Jan 12 00:59:24 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev73:
  * Updated from global requirements

-------------------------------------------------------------------
Sat Jan 10 00:59:03 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev72:
  * Remove unused fields in base TestCase
  * Keystoneclient tests from venv-installed client
  * Cleanup test-requirements for keystoneclient
  * Fix tests using extension drivers

-------------------------------------------------------------------
Fri Jan  9 00:59:33 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev65:
  * Fix downgrade from migration 61 on non-sqlite
  * explicit namespace prefixes for SAML2 assertion
  * Remove requirements not needed by oslo-incubator modules anymore
  * let endpoint_filter sql backend return dict data

-------------------------------------------------------------------
Wed Jan  7 00:59:03 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev58:
  * Ensure manager grant methods throw exception if role_id is invalid
  * update sample conf using latest oslo.conf
  * Remove unnecessary oslo incubator bits

-------------------------------------------------------------------
Tue Jan  6 01:00:02 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev52:
  * switch from sample_config.sh to oslo-config-generator

-------------------------------------------------------------------
Mon Jan  5 12:47:35 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev50:
  * Enable hacking rule H302

-------------------------------------------------------------------
Mon Jan  5 00:59:15 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev48:
  * Tests fail only on deprecation warnings from keystone

-------------------------------------------------------------------
Sat Jan  3 00:59:24 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev47:
  * Update the keystone.conf sample
  * Remove extra V3 version router

-------------------------------------------------------------------
Thu Jan  1 01:00:09 UTC 2015 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev43:
  * improve the EP-FILTER catalog length check in test_v3.py
  * Don't allow deprecations during testing
  * Fix to not use deprecated Exception.message
  * Fix to not use empty IN clause
  * Removes a Py2.6 version of assertSetEqual
  * Removes a Py2.6 version of inspect.getcallargs
  * Removes a bit of WSGI code converts unicode to str
  * Enhance FakeLdap to require base entry for subtree search

-------------------------------------------------------------------
Mon Dec 29 16:50:41 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev27:
  * fix wrong self link in the response of endpoint_groups API
  * rename oslo.concurrency to oslo_concurrency

-------------------------------------------------------------------
Mon Dec 29 00:59:31 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev24:
  * Imported Translations from Transifex
  * Expanded mutable hacking checks
  * Make the mutable default arg check very strict
  * Correct use of noqa

-------------------------------------------------------------------
Wed Dec 24 01:00:00 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev17:
  * Memcache connection pool excess check

-------------------------------------------------------------------
Sat Dec 20 01:00:38 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev15:
  * Be more precise with flake8 filename matches
  * Use bashate to run_tests.sh
  * Update federation docs to point to specs.o.org

-------------------------------------------------------------------
Fri Dec 19 01:17:44 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev9:
  * sync to oslo commit 1cf2c6
  * Update docs to no longer show XML support
  2015.1.0b1
  * Remove unnecessary ldap import
  * Change config option examples to v3

-------------------------------------------------------------------
Thu Dec 18 01:15:39 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev297:
  * Check and delete for policy_association_for_region_and_service
  * Remove XML support
  * Fix modifying a role with same name using LDAP
  * Add a test for modifying a role to set the name the same
  * Fix disabling entities when enabled is ignored
  * Add tests for enabled attribute ignored
  * Fix update role without name using LDAP

-------------------------------------------------------------------
Wed Dec 17 01:18:06 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev283.g3f42c1a:
  * Rename `removeEvent` to be more pythonic
  * Fix the way migration helpers check FK names
  * Add test for update role without name
  * Fixes links in Shibboleth configuration docs
  * fix wrong indentation in contrib/federation/utils.py
  * default revoke driver should be the non-deprecated driver

-------------------------------------------------------------------
Tue Dec 16 01:17:17 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev272.g9ee165f:
  * Remove database setup duplication

-------------------------------------------------------------------
Sun Dec 14 01:16:48 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev270.gd5c8a37:
  * Inherited role assignments to projects

-------------------------------------------------------------------
Sat Dec 13 01:17:57 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev268.ged7b033:
  * Cleanup eventlet use in tests

-------------------------------------------------------------------
Fri Dec 12 01:17:11 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev266.gca8a8a6:
  * Updated from global requirements
  * Remove endpoint_substitution_whitelist config option
  * TestAuthPlugin doesn't use test_auth_plugin.conf
  * Add missing translation marker for dependency

-------------------------------------------------------------------
Thu Dec 11 01:14:25 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev258.g71c9bf5:
  * Fix inherited user role test docstring

-------------------------------------------------------------------
Tue Dec  9 01:15:27 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev257.g6aaba42:
  * Adds openSUSE support for developer documentation
  * User ids that begin with 0 cannot authenticate through ldap
  * Typo in policy call
  * Updated from global requirements
  * Correct max_project_tree_depth config help text
  * make sample_data.sh account for the default options in keystone.conf
  * Move notification unit tests to unit test dir
  * Remove useless field passed into SQLAlchemy "distinct" statement

-------------------------------------------------------------------
Sun Dec  7 01:15:25 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev241.g2355f3a:
  * Updated from global requirements

-------------------------------------------------------------------
Sat Dec  6 01:15:31 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev240.g39a93ca:
  * Adds correct checks in LDAP backend tests
  * Updated from global requirements
  * Create, update and delete hierarchical projects
  * Remove irrelative comment
  * Moves hacking tests to unit directory
  * Provide useful info when parsing policy file

-------------------------------------------------------------------
Fri Dec  5 01:16:38 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev229.g5513052:
  * Add an identity backend method to get group by name
  * remove deprecated access log middleware
  * sys.exit mock cleanup
  * Fixes endpoint_filter tests

-------------------------------------------------------------------
Thu Dec  4 01:15:51 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev222.g37c6766:
  * Base methods to handle hierarchical projects
  * Add parent_id field to projects
  * Update the feature/hierarchical-multitenancy branch

-------------------------------------------------------------------
Wed Dec  3 10:12:41 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev215.gd82a3ca:
  * drop developer support for OS X

-------------------------------------------------------------------
Wed Dec  3 01:17:04 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev213.ga8106b1:
  * Ignore H302 - bug 1398472

-------------------------------------------------------------------
Tue Dec  2 01:16:52 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev212.g1083161:
  * Multiple IdPs problem
  * Fixes docstring at eventlet_server
  * Fix the copy-pasted help info for db_version
  * Update keystone readme to point to specs.o.org
  * Use true() rather than variable/singleton
  * use expected_length parameter to assert expected length

-------------------------------------------------------------------
Sat Nov 29 01:25:37 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev201.gdba82b1:
  * Updated from global requirements

-------------------------------------------------------------------
Thu Nov 27 01:27:56 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev200.g2f00feb:
  * Move check_output and git() to test utils

-------------------------------------------------------------------
Wed Nov 26 01:25:55 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev198.g6fb51ed:
  * Use _ definition from keystone.i18n
  * Remove Python 2.6 classifier
  * Speed up memcache lock
  * Add WSGIPassAuthorization to OAuth docs

-------------------------------------------------------------------
Tue Nov 25 01:24:04 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev190.gea4fcec:
  * Fixes create_saml_assertion() return
  * Remove duplicate setup logic in federation tests

-------------------------------------------------------------------
Sun Nov 23 00:56:24 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev186.g527924b:
  * Add import i18n to federation/controllers.py
  * Correct use of config fixture
  * Extends hacking check for logging to verify i18n hints

-------------------------------------------------------------------
Sat Nov 22 00:56:01 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev180.gb55aa76:
  * Adds missing log hints for level E/I/W
  * Adds dynamic checking for mapped tokens

-------------------------------------------------------------------
Fri Nov 21 00:57:16 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev176.g1ee9468:
  * Updated from global requirements

-------------------------------------------------------------------
Thu Nov 20 14:37:33 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev175.g2bea749:
  * Enable cloud_admin to list projects in all domains
  * Remove string from URL in list_revoke_events()
  * Configuring Keystone edits
  * Imported Translations from Transifex
  * Increase test coverage of test_versions.py
  * Increase test coverage of test_base64utils.py
  * Move base64 unit tests to keystone/tests/unit dir
  * Move injection unit tests to keystone/tests/unit
  * Doc about specifying domains in domains specific backends
  * Update references to auth_token middleware

-------------------------------------------------------------------
Sat Nov 15 01:02:05 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev157.g4ec0c61:
  * Move test_pemutils.py to unit test directory
  * Don't return ``user_name`` in mapped.Mapped class
  * Allow for REMOTE_USER name in federation mapping
  * Exclude domains with inherited roles from user domain list
  * Improve testing of exclusion of inherited roles
  * Fix project federation tokens for inherited roles
  * Improve testing of project federation tokens for inherited roles
  * Move shib specific documentation

-------------------------------------------------------------------
Fri Nov 14 01:02:33 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev141.g32734df:
  * Fix domain federation tokens for inherited roles
  * fix the wrong order of assertEqual args in test_v3

-------------------------------------------------------------------
Thu Nov 13 01:03:41 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev137.g6d5a093:
  * Improve testing of domain federation tokens for inherited roles
  * Additional debug logs for federation flows
  * Add openid connect support

-------------------------------------------------------------------
Wed Nov 12 01:04:16 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev131.gb05a540:
  * Enable hacking rule H904
  * Prevent infinite loop in token_flush
  * Tests raise exception if logging problem

-------------------------------------------------------------------
Tue Nov 11 01:03:53 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev125.ge333b41:
  * Change ca to uppercase in keystone.conf
  * Doc about deleting a domain specific backend domain

-------------------------------------------------------------------
Mon Nov 10 01:26:31 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev121.g2b7fdb1:
  * Fix misspelling at configuration.rst file

-------------------------------------------------------------------
Sat Nov  8 01:26:44 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev120.g17ec695:
  * Imported Translations from Transifex

-------------------------------------------------------------------
Fri Nov  7 01:27:08 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev119.gb13db25:
  * Imported Translations from Transifex
  * Enable hacking rule H104 File contains nothing but comments
  * Rename _handle_saml2_tokens() method
  * Updated from global requirements

-------------------------------------------------------------------
Thu Nov  6 01:27:37 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev114.g2ba7d67:
  * Rename _handle_saml2_tokens(

-------------------------------------------------------------------
Thu Oct 30 07:05:11 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev113.g3d9184b:
  * Updated from global requirements
  * Remove token persistence proxy
  * revise error message for keystone.token.persistence pkg

-------------------------------------------------------------------
Thu Oct 30 01:17:29 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev107.g7fa6e92:
  * Adds IPv6 url validation support

-------------------------------------------------------------------
Wed Oct 29 01:18:02 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev106.gf45b3e5:
  * Use oslo.concurrency instead of sync'ed version
  * Use correct name of oslo debugger script

-------------------------------------------------------------------
Tue Oct 28 01:15:00 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev102.g15a01f2:
  * Remove nonexistant param from docstring
  * Fixes aggressive use of translation hints

-------------------------------------------------------------------
Mon Oct 27 17:40:23 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev98.g1658095:
  * Sync modules from oslo-incubator
  * test_utils use jsonutils from oslo.serialization
  * Add fileutils module
  * PKI and PKIZ tokens unnecessary whitespace removed
  * Move unit tests from test_backend_ldap
  * Updated from global requirements
  * Imported Translations from Transifex
  * Correct the code path of implementation for the abstract method
  * Use newer python-ldap paging control API
  * Add xmlsec1 dependency comments
  * Add max-complexity to pep8 for Keystone
  * Remove check_password() in identity.backend.ldap
  * Remove unused ec2 driver option
  * Extract Assignment tests from IdentityTestCase
  * Fixes docstrings to be more accurate

-------------------------------------------------------------------
Fri Oct 17 00:34:55 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev73.gfdbad9f:
  * Restrict certain APIs to cloud admin in domain-aware policy

-------------------------------------------------------------------
Thu Oct 16 00:31:57 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev72.g61ccca5:
  * wrong logic in assertValidRoleAssignmentListResponse method

-------------------------------------------------------------------
Tue Oct 14 00:33:54 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev70.gb276f3d:
  * obsolete deployment docs
  * Address some late comments for memcache clients
  * Fix fakeldap search_s documentation

-------------------------------------------------------------------
Sun Oct 12 00:38:01 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev64.gc0285c8:
  * Add v3 openstackclient CLI examples
  * Update the CLI examples to also use openstackclient

-------------------------------------------------------------------
Sat Oct 11 00:45:45 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev60.gaf25b2b:
  * Clean up federated identity audit code

-------------------------------------------------------------------
Fri Oct 10 00:46:24 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev58.g9025b64:
  * Updated from global requirements
  * revise docs on default _member_ role
  * Refactor FakeLdap to share delete code
  * Updates package comment to be more accurate

-------------------------------------------------------------------
Thu Oct  9 00:45:22 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev50.g1b2fc1e:
  * Fixes a spelling error in hacking tests
  * Remove deprecated KVS trust backend
  * Imported Translations from Transifex
  * Replace an instance of keystone/openstack/common/timeutils
  * Use importutils from oslo.utils
  * Use jsonutils from oslo.serialization
  * Update 'Configuring Services' documentation
  * Use openstackclient examples in configuration documentation
  * Remove deprecated TemplatedCatalog class
  * Add an XML code directive to a shibboleth example
  * Add testcase for coverage of 002_add_endpoint_groups

-------------------------------------------------------------------
Tue Oct  7 00:25:15 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev30.g5a615fc:
  * Ensure sql upgrade tests can run with non-sqlite databases
  * Remove identity and assignment kvs backends

-------------------------------------------------------------------
Mon Oct  6 00:22:45 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev26.gb27a9b2:
  * Validates controller methods exist when specified
  * Switch LdapIdentitySqlAssignment to use oslo.mockpatch

-------------------------------------------------------------------
Sun Oct  5 00:23:41 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev22.g4f9bbb8:
  * Fixes an error deleting an endpoint group project
  * Remove images directory from docs
  * Fix tests comparing tokens

-------------------------------------------------------------------
Fri Oct  3 00:25:11 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev17.gaf1f960:
  * Remove OS-STATS monitoring
  * Handle default string values when using user_enabled_invert
  * Remove duplicated assertion
  * Remove unused cache functions from token.core

-------------------------------------------------------------------
Thu Oct  2 00:10:27 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev10.gc1b8fbc:
  * Convert unicode to UTF8 when calling ldap.str2dn()
  * Fix parsing of emulated enabled DN

-------------------------------------------------------------------
Wed Oct  1 00:10:58 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev6.ge258917:
  * Add test for getting a token with inherited role
  2014.2.rc1

-------------------------------------------------------------------
Tue Sep 30 00:38:47 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2015.1.dev201.g82ded4a:
  * Open Kilo development
  * Add placeholders for reserved migrations
  * add --rebuild option for ssl/pki_setup

-------------------------------------------------------------------
Mon Sep 29 12:23:07 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev196.g6778df0:
  * Correct typos in keystone/common/base64utils.py docstrings
  * improve dependency injection doc strings
  * Remove trailing space from string
  * Fixes code comment to be more accurate

-------------------------------------------------------------------
Sun Sep 28 00:35:12 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev188.g1f9248e:
  * Imported Translations from Transifex
  * Uses session in migration to stop DB locking
  * Set issuer value to CONF.saml.idp_entity_id
  * Updated from global requirements
  * Add version attribute to the SAML2 Assertion object
  * Fail on empty userId/username before query

-------------------------------------------------------------------
Sat Sep 27 00:34:57 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev176.g0200751:
  * Mark k2k as experimental
  * Update architecture documentation

-------------------------------------------------------------------
Fri Sep 26 09:42:04 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev172.gd229892:
  * New section for CLI examples in docs
  * Fix failure of delete domain group grant when identity is LDAP
  * Clean up the Configuration documentation
  * Adding an index on token.user_id and token.trust_id

-------------------------------------------------------------------
Fri Sep 26 00:35:25 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev164.g2fc25ff:
  * Fix a spelling mistake in keystone/common/utils.py

-------------------------------------------------------------------
Thu Sep 25 08:25:49 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev162.gd8d1477:
  * Prevent infinite recursion on persistence core on init

-------------------------------------------------------------------
Wed Sep 24 23:50:37 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev160.g08416ac:
  * Imported Translations from Transifex
  * Read idp_metadata_path value from CONF.saml
  * Fix Policy backend driver documentation

-------------------------------------------------------------------
Tue Sep 23 23:48:38 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev154.g1af2428:
  * Fix create and user-role-add in LDAP backend
  * Fix minor spelling issues in comments
  * Add a pool of memcached clients
  * Set LDAP certificate trust options for LDAPS and TLS

-------------------------------------------------------------------
Mon Sep 22 23:49:51 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev146.g641381a:
  * Update URLs for keystone federation configuration docs
  * Add info about pysaml2 into federation docs

-------------------------------------------------------------------
Sun Sep 21 23:48:58 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev142.g54054e8:
  * Do not run git-cloned ksc master tests when local client specified

-------------------------------------------------------------------
Sat Sep 20 23:49:41 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev140.g2f14f3a:
  * Mock doesn't have assert_called_once()
  * Imported Translations from Transifex

-------------------------------------------------------------------
Sat Sep 20 00:21:44 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev136.gee4ee3b:
  * Updated from global requirements
  * Safer check for enabled in trusts
  * Set the default number of workers when running under eventlet
  * Add the processutils from oslo-incubator
  * Update 'Configure Federation' documentation
  * Update man pages

-------------------------------------------------------------------
Fri Sep 19 00:23:03 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev124.g8e6e6b3:
  * Ensure identity sql driver supports domain-specific configuration

-------------------------------------------------------------------
Thu Sep 18 00:20:51 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev123.ga56d363:
  * Allow users to clean up role assignments

-------------------------------------------------------------------
Wed Sep 17 00:22:01 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev121.gae22900:
  * Adds a whitelist for endpoint catalog substitution
  * Revoke the tokens of group members when a group role is revoked
  * Change pysaml2 comment in test-requrements.txt
  * Document Keystone2Keystone federation

-------------------------------------------------------------------
Tue Sep 16 00:20:08 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev114.g9d4e22b:
  * ldap/core deleteTree not always supported
  * Reduce unit test log level for notifications
  * Fix delete group cleans up role assignments with LDAP
  * Refactor LDAP backend using context manager for connection
  * Add delete notification to endpoint grouping
  * Ensure a consistent transactional context is used
  * Adds hint about filter placement to extension docs
  * Making KvsInheritanceTests use backend KVS

-------------------------------------------------------------------
Sun Sep 14 00:21:15 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev100.g30c1e8b:
  * Fix using local ID to clean up user/group assignments
  * Add characterization test for cleanup role assignments for group
  * Fix LDAP group role assignment listing
  * Adds pipeline hints to the example paste config
  * Use id attribute map for read-only LDAP
  * Use oslo_debug_helper and remove our own version
  * trustor_user_id not available in v2 trust token

-------------------------------------------------------------------
Sat Sep 13 00:20:54 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev86.g1e20448:
  * Add V3 JSON Home support to GET /
  * Make the extension docs a top level entry in the landing page
  * LDAP: refactor use of "1.1" OID
  * Enable filtering of services by name
  * Sync jsonutils from oslo-incubator 32e7f0b5
  * Update the docs that list sections in keystone.conf

-------------------------------------------------------------------
Fri Sep 12 00:22:03 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev74.gc4e9556:
  * Document mod_wsgi doesn't support chunked encoding
  * Keystone local authenticate has an unnecessary pending audit record
  * JSON Home data is required

-------------------------------------------------------------------
Thu Sep 11 00:19:06 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev68.g12655bf:
  * Stop skipping LDAP tests
  * Update the revocation configuration docs
  * Fixes formatting error in debug log statement
  * Update paste pipelines in configuration docs
  * Fixed typo 'in sane manner' to 'in a sane manner'
  * correct typos
  * Prevent domains creation for the default LDAP+SQL
  * Fix oauth sqlite migration downgrade failure
  * Imported Translations from Transifex
  * Avoid conversion of binary LDAP values
  * Remove unused variable TIME_FORMAT
  * Add characterization test for group role assignment listing
  * Fix dn_startswith
  * Fixes a mock cleanup issue caused by oslotest
  * Add rst code-blocks to a bunch of missing examples
  * Capitalize all instances of Keystone in the docs
  2014.2.b3
  * Fixed spelling mistakes in comments
  * use one indentation style
  * Fix admin server doesn't report v2 support in Apache httpd
  * Add test for single app loaded version response
  * Work toward Python 3.4 support and testing
  * Update the federation configuration docs for saml2
  * Add docs for enabling endpoint policy
  * warn against sorting requirements
  * Fix minor nits for token2saml generation
  * Routes for Keystone-IdP metadata endpoint

-------------------------------------------------------------------
Fri Sep  5 00:19:38 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev324.g7d9b8dc:
  * Lower log level for notification registration
  * Test cleanup: do not leak FDs during test runs
  * Cleanup superfluous string comprehension and coersion

-------------------------------------------------------------------
Thu Sep  4 00:20:48 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev318.g8661e94:
  * Adds region back into the catalog endpoint
  * Implementation of Endpoint Grouping
  * Implement validation on Trust V3 API
  * Remove TODO that was done
  * Fix follow up review issues with endpoint policy backend patch
  * Mark the revoke kvs backend deprecated, for removal in Kilo

-------------------------------------------------------------------
Tue Sep  2 13:15:25 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev306.g67b474f:
  * Transform a Keystone token to a SAML assertion
  * Fix region schema comment
  * Remove unused _validate_endpoint
  * controller for the endpoint policy extension
  * Implement validation on the Catalog V3 API

-------------------------------------------------------------------
Mon Sep  1 00:20:40 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev296.g7b81974:
  * backend for policy endpoint extension
  * Implement validation on Credential V3
  * Implement validation on Policy V3 API
  * Fix token flush fails with recursion depth exception
  * Add index for actor_id in assignments table
  * Endpoint table is missing reference to region table
  * add missing log hints for level C/E/I/W
  * Add string id type validation
  * Implement validation on Assignment V3 API
  * Redirect stdout and stderr when using subprocess

-------------------------------------------------------------------
Sun Aug 31 00:19:27 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev276.g9a8e6bd:
  * Add audit support to keystone federation
  * Adds tests that show how update with validation works
  * Mark the trust kvs backend deprecated, for removal in Kilo
  * Do not load auth plugins by class in tests

-------------------------------------------------------------------
Sat Aug 30 00:19:58 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev269.ge0d8377:
  * Add commas for ease of maintenance
  * Comments to docstrings for notification emit methods
  * Notification cleanup: namespace actions
  * Add bash code style to some portions of configuration.rst
  * Update tests to not use token_api
  * Make persistence manager in token_provider_api private
  * Add extra guarding to revoke_by_audit_id methods
  * Mark methods on token_api deprecated
  * Remove SAML2 plugin dependency on token_api
  * Remove oauth controller dependency on token_api

-------------------------------------------------------------------
Fri Aug 29 00:20:49 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev249.g18efc78:
  * Mark kvs backends as deprecated, for removal in Kilo
  * Add libxmlsec1 as external package dependency on OS X
  * Remove assignment_api dependency on token_api

-------------------------------------------------------------------
Thu Aug 28 15:54:22 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev243.g4bbbf81:
  * Update sample config

-------------------------------------------------------------------
Wed Aug 27 23:48:08 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev241.gf4f0bdf:
  * Enhance GET /v3 to handle Accept header
  * Enhance V3 extensions to provide JSON Home data
  * Enhance V3 extension class to integrate JSON Home data
  * Change OS-INHERIT extension to provide JSON Home data
  * Change the sub-routers to provide JSON Home data
  * Change V3 router classes to provide JSON Home data
  * Create additional docs for role assignment events
  * Add __repr__ to KeystoneToken model
  * Notification Constant Cleanup and internal notify type
  * Remove wsgi and base controller dependency on token_api
  * Remove identity_api dependency on token_api
  * Remove trust dependency on token_api
  * Update AuthContextMiddleware to not use token_api
  * Back off initial migration to 34

-------------------------------------------------------------------
Tue Aug 26 23:47:48 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev213.g0b54321:
  * Revoke by Audit Id / Audit Id Chain instead of expires
  * assignment controller error path fix
  * Make SQL the default backend for Identity & Assignment unit tests
  * Enhance V3 version controller to provide JSON Home response
  * Provide the V3 routers to the V3 extension controller
  * Back off initial migration to 35
  * Configurable python-keystoneclient repo

-------------------------------------------------------------------
Mon Aug 25 23:47:28 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev199.gde2c6e1:
  * Add CADF notifications for role assignment create and delete
  * Enhance V3 routers to store basic resource description

-------------------------------------------------------------------
Sat Aug 23 23:47:21 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev195.ge372aaf:
  * Sync Py2 and Py3 requirements files
  * Standardizing the Federation Process

-------------------------------------------------------------------
Fri Aug 22 23:47:40 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev191.g463b2ee:
  * Convert to urlsafe base64 audit ids
  * Sync with oslo-incubator
  * Add audit ids to tokens

-------------------------------------------------------------------
Thu Aug 21 23:47:27 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev185.gf6ad8f0:
  * Add notifications for policy, region, service and endpoint
  * Correct the signature for some catalog abstract method signatures
  * Fixing simple type in comment
  * Create authentication specific routes
  * Allow LDAP lock attributes to be used as enable attributes

-------------------------------------------------------------------
Tue Aug 19 23:46:56 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev177.g498a003:
  * Enable filtering of credentials by user ID
  * Expose context to create grant and delete grant
  * Use python convention for function names in test_notifications
  * Fixes an issue with the XMLEquals matcher

-------------------------------------------------------------------
Mon Aug 18 16:09:29 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev170.g2e49770:
  * Use mail for the default LDAP email attribute name

-------------------------------------------------------------------
Sat Aug 16 00:25:12 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev168.g45728c5:
  * Bump hacking to 0.9.x series
  * Rename bash8 requirement
  * Support the hints mechanism in list_credentials()
  * Keystone service throws error on receiving SIGHUP
  * Issue multiple SQL statements in separate engine.execute() calls

-------------------------------------------------------------------
Fri Aug 15 00:24:41 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev159.ga1da397:
  * Do not require method attribute on plugins

-------------------------------------------------------------------
Thu Aug 14 00:24:09 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev157.g409c94d:
  * Remove _BaseFederationExtension
  * Add a URL field to region table
  * Remove unnecessary declaration of CONF
  * Filter List Regions by 'parent_region_id'

-------------------------------------------------------------------
Wed Aug 13 04:53:30 UTC 2014 - tbechtold@suse.com

- Update to version keystone-2014.2.dev149.g2ea3006:
  * Updates the sample config
  * remove unused import
  * Clean whitespace off token
  * Remove strutils and timeutils from openstack-common.conf
  * Use functions in oslo.utils
  * Add an OS-FEDERATION section to scoped federation tokens
  * Ensure roles created by unit tests have correct attributes
  * Update control_exchange value in keystone.conf
  * swap import order of lxml
  * add i18n to lxml error
  * Check for empty string value in REMOTE_USER
  * Refactor names in catalog backends
  * Update CADF auditing example to show non-payload information
  * Remove ec2 contrib dependency on token_api
  * Expose token revocation list via token_provider_api
  * Remove assignment controller dependency on token_api
  * Refactor serializer import to XmlBodyMiddleware
  * Delete intersphinx mappings
  * Fix documentation link
  * Make token_provider_api contain token persistence
  * Remove S3 middleware tests from tox.ini
  * Remove unused function
  * Add oslo.utils requirement
  * Surround REMOTE_USER variable name with quotes
  * Remove `with_lockmode` use from Trust SQL backend
  * Improve instructions about federation
  * Do not override venvs
  * Imported Translations from Transifex
  * Remove debug CADF payload for every authN request
  * Don't override tox envdir for pep8 and cover jobs

-------------------------------------------------------------------
Sun Aug  3 23:55:58 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev60.g1ef2975:
  * Fix invalid self link in get access token
  * Details the proper way to call a callable

-------------------------------------------------------------------
Fri Aug  1 23:57:17 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev56.g76f3c55:
  * Check that region ID is not an empty string

-------------------------------------------------------------------
Thu Jul 31 23:57:02 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev54.ga617408:
  * Do not consume trust uses when create token fails
  * Refactor set domain-id and mapping code

-------------------------------------------------------------------
Wed Jul 30 23:56:30 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev50.g99bef1f:
  * Add filters to the collections 'self' link
  * Use config fixture from oslo.config
  * Updated from global requirements
  * KeyError instead of exception.KeyError
  * Remove duplicated asserts
  * Check url is in the 'self' link in list responses
  * Update middleware that was moved to keystonemiddleware

-------------------------------------------------------------------
Tue Jul 29 23:56:32 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev36.g5017993:
  * Update setup docs with Fedora 19+ dependencies
  * Correct revocation event test for domain_id
  * Add workaround to support tox 1.7.2
  * Fix for V2 token issued_at time changing
  * Sqlite files excluded from the repo

-------------------------------------------------------------------
Mon Jul 28 23:57:18 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev26.gdf13caf:
  * Fixes a capitalization issue
  * Add tests related to V2 token issued_at time changing
  * Sample config update
  * auth tests should not require admin token

-------------------------------------------------------------------
Fri Jul 25 23:44:09 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev19.g4cbe8ca:
  * Add the new Keystone TokenModel
  * Add X-Auth-Token header in federation examples
  * Clean up EP-Filter after delete project/endpoint
  * add internal delete notification for endpoint
  * remove static files from docs
  * Move token persistence classes to token.persistence module

-------------------------------------------------------------------
Thu Jul 24 23:43:34 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev7.g1c88ead:
  * cache the catalog
  * Disable a domain will revoke tokens under the same domain
  * Adding support for ldap connection pooling
  2014.2.b2
  * Add the new oslo.i18n as a dependency for Python 3

-------------------------------------------------------------------
Thu Jul 24 08:49:19 UTC 2014 - dmueller@suse.com

- Update to version keystone-2014.2.dev225.g686597b:
  * Fixes test_exceptions.py for Python3
  * Fixes test_wsgi for Python3
  * Adds several more test modules that pass on Py3
  * Reduces the amount of mocked imports for Python 3
  * Disables LDAP unit tests
  * Updated from global requirements
  * Initial implementation of validator
  * Mark the 'check_vX_token' methods deprecated
  * Extracting get group roles for project logic to drivers
  * implement GET /v3/catalog
  * Adds coverage report to py33 test runs
  * Fixed tox cover environment to share venv
  * Regenerate sample config file
  * Example JSON files should be human-readable
  * Consolidate `assert_XXX_enabled` type calls to managers
  * Move keystone.token.default_expire_time to token.provider
  * Move token_api.unique_id to token_provider_api
  * Capitalize a few project names in configuring services doc
  * Fixes a Python3 syntax error
  * Introduce pragma no cover to asbtract classes
  * project disabled/deleted notification recommendations
  * Use oslo.i18n
  * Implicitly ignore attributes that are mapped to None in LDAP

-------------------------------------------------------------------
Thu Jul 17 23:44:47 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev180.gc1a6639:
  * Sync with oslo-incubator
  * render json examples with syntax highlighting
  * Avoid loading a ref from SQL to delete the ref
  * Add revocation extension to default pipeline
  * Update docs to reflect new db_sync behaviour
  * Migrate default extensions
  * Update the configuration docs for the revocation extension
  * LDAP: Added documentation for debug_level option
  * Fixes the order of assertEqual arguments

-------------------------------------------------------------------
Wed Jul 16 23:52:13 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev162.g362216b:
  * Make sure unit tests set the correct log levels
  * Clean up the endpoint filtering configuration docs

-------------------------------------------------------------------
Sat Jul 12 00:35:09 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev158.gbbfd58a:
  * multi-backend support for identity
  * Add oslo.i18n as dependency
  * Do not use lazy translation for keystone-manage
  * Remove deprecated token_api.list_tokens
  * Imported Translations from Transifex
  * Add keystonemiddleware to requirements
  * Do not use keystone's config for nova's port
  * Adds hacking check for debug logging translations

-------------------------------------------------------------------
Fri Jul 11 00:34:07 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev144.gb3f9a5f:
  * Add _BaseFederationExtension class
  * Correct the region table to be InnoDB and UTF8
  * HEAD responses should return same status as GET
  * Make OS-FEDERATION core.Driver methods abstract

-------------------------------------------------------------------
Wed Jul  9 00:34:32 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev137.gfac022a:
  * Fix OAuth1 to not JSON-encode create access token response
  * Do not support toggling key_manglers in cache layer

-------------------------------------------------------------------
Tue Jul  8 00:34:12 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev133.g9d0ecaa:
  * Updated from global requirements
  * Sync with oslo-incubator e9bb0b59
  * Fix the section name in CONTRIBUTING.rst
  * Fix docs and scripts for pki_setup and ssl_setup

-------------------------------------------------------------------
Sun Jul  6 00:33:01 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev127.gb4140ae:
  * Add schema check for OS-FEDERATION mapping table

-------------------------------------------------------------------
Sat Jul  5 00:34:14 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev126.g59e01e5:
  * update example with a status code we actually use
  * Correct docstring for assertResponseSuccessful
  * remove default=None for config options

-------------------------------------------------------------------
Thu Jul  3 00:31:47 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev122.g4e45a5f:
  * Ending periods in exception messages deleted
  * Ensure that in v2 auth tenant_id matches trust
  * Add identity mapping capability

-------------------------------------------------------------------
Wed Jul  2 00:30:08 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev117.gb2f3b5c:
  * Updated from global requirements
  * Move bash8 to run under pep8 tox env

-------------------------------------------------------------------
Tue Jul  1 00:29:30 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev114.g7c47629:
  * Fix test for get_*_by_name invalidation
  * Remove backend_entities from backend_ldap.conf
  * Do not leak SQL queries in HTTP 409 (conflict)

-------------------------------------------------------------------
Sun Jun 29 00:29:28 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev108.g50be156:
  * Remove db, db.sqlalchemy from openstack-common.conf
  * Consolidate provider calls to token_api.create_token
  * Updates Python3 requirements to match Python2
  * TestAuthInfo class in test_v3_auth made more efficient
  * Only emit disable notifications for project/domain on disable
  * Fixes catalog URL formatting to never return None
  * Updates keystone.catalog.core.format_url tests

-------------------------------------------------------------------
Sat Jun 28 00:28:18 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev94.gd96d546:
  * Regenerate sample config file

-------------------------------------------------------------------
Fri Jun 27 06:01:28 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev92.gbaf4c23:
  * Adds oslo.db support for Python 3 tests
  * Imported Translations from Transifex
  * Do not log 14+ INFO lines on a broken pipe error (eventlet)
  * Convert explicit session get/begin to transaction context

-------------------------------------------------------------------
Thu Jun 26 11:35:50 UTC 2014 - dmueller@suse.com

- Update to version keystone-2014.2.dev85.gf82b887:
  * deprecate LDAP config options for 'tenants'
  * the user_tenant_membership table was replaced by "assignment"
  * Corrects minor spelling mistakes
  * Ignoring order of user list in TenantTestCase
  * Make gen_pki.sh & debug_helper.sh bash8 compliant
  * Update docs to reference #openstack-keystone
  * Don't set sqlite_db default
  * Migrate ID generation for users/groups from controller to manager
  * oslo.db implementation
  * Test `common.sql` initialization
  * Kerberos as method name
  * test REMOTE_USER does not authenticate
  * Document pkiz as provider in config
  * Fix the typo and reformat the comments for the added option
  * Updated from global requirements
  * fix flake8 issues
  * Update sample keystone.conf file
  * Fix 500 error if request body is not JSON object
  * Default to PKIZ tokens
  * Fix a few typos in the shibboleth doc
  * Ignore broken endpoints in get_catalog
  * Properly invalidate cache for get_*_by_name methods
  * remove unnecessary word in docs: 'an'
  * remove unneeded definitions of Python Source Code Encoding
  * update release support warning for domain-specific drivers

-------------------------------------------------------------------
Wed Jun 18 00:08:06 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev36.gd9193ce:
  * pkiz String conversion
  * Add instructions for removing pyc files to docs
  * Add missing docstrings and 1 unittest for LDAP utf-8 fixes
  * install gettext on OS X for msgfmt

-------------------------------------------------------------------
Tue Jun 17 00:07:33 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev28.gd738598:
  * Allow for multiple PKI Style Providers
  * Password trunction makes password insecure

-------------------------------------------------------------------
Mon Jun 16 00:06:54 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev24.g7029722:
  * enable multiple keystone-all worker processes

-------------------------------------------------------------------
Sun Jun 15 00:07:19 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev22.g51a05bd:
  * Add cloud auditing notification documentation
  * Fixes typo error in Keystone
  * Make sure domains are enabled by default
  * Add v3 curl examples
  * Sync service module from oslo-incubator
  * gitignore etc/keystone/
  * Enforce ``saml2`` protocol in Apache config
  * Use translation hints
  * Fix type error message in format_url

-------------------------------------------------------------------
Sat Jun 14 00:07:36 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev4.ge7baea2:
  * Block delegation escalation of privilege

-------------------------------------------------------------------
Fri Jun 13 00:07:46 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev2.g4f93ec6:
  2014.2.b1
  * Use code-block for curl examples

-------------------------------------------------------------------
Wed Jun 11 23:41:59 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev349.gfb0e4c5:
  * add docs on v2 & v3 support in the service catalog

-------------------------------------------------------------------
Tue Jun 10 23:41:45 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev347.g8de4ffa:
  * Make sure all the auth plugins agree on the shared identity attributes
  * Catalog driver generates v3 catalog from v2 catalog
  * fixed several pep8 issues
  * Consistenly use jsonutils instead of json

-------------------------------------------------------------------
Mon Jun  9 23:41:35 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev339.ga0a3237:
  * Code which gets and deletes elements of tree was moved to one method
  * Remove obsolete note from ldap

-------------------------------------------------------------------
Fri Jun  6 23:41:32 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev335.g3c07fba:
  * Add v2 & v3 API documentation
  * Compressed Token Provider
  * document keystone-specs instead of LP blueprints in README

-------------------------------------------------------------------
Thu Jun  5 23:41:36 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev329.g983baf4:
  * remove out of date docs for Fedora 15

-------------------------------------------------------------------
Wed Jun  4 23:41:45 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev327.g25a7f4a:
  * Invalid command referenced in federation documentation
  * Fix curl example refs in docs
  * pep8: do not test locale files
  * Updated from global requirements
  * Refactor driver_hints
  * Unimplemented get roles by group for project list
  * Update mailmap entry for Brant

-------------------------------------------------------------------
Sat May 31 00:06:43 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev314.g3556857:
  * Make sure scoping to the project of a disabled domain result in 401
  * Fixed wrong behavior when updating tenant or user with LDAP backends
  * Cleanup openstack-common.conf and sync from olso
  * Refactor tests regarding required attributes
  * Check that the user is dumb moved to the common method

-------------------------------------------------------------------
Fri May 30 00:09:46 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev304.g6ed0549:
  * document pki_setup and ssl_setup in keystone.conf.sample

-------------------------------------------------------------------
Thu May 29 00:09:24 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev303.g93bc881:
  * recommend excluding 35357 from ephemeral ports
  * Fixes duplicated DELETE queries on SQL backends
  * Suggest users to remove REMOTE_USER from shibd conf
  * Imported Translations from Transifex
  * indicate that sensitive messages can be disabled
  * replaced unicode() with six.text_type()
  * no one uses macports

-------------------------------------------------------------------
Wed May 28 00:08:29 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev290.g972322d:
  * Fix spelling mistakes in docs
  * Replace magic value 'service/security' in CadfNotificationWrapper
  * Replace assertTrue and assertFalse with more suitable asserts
  * remove a few backslash line continuations

-------------------------------------------------------------------
Tue May 27 00:07:34 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev282.g97fca80:
  * sql migration: ensure using innodb utf8 for assignment table

-------------------------------------------------------------------
Mon May 26 00:07:58 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev280.g8b83737:
  * install from source docs never actually install the keystone service

-------------------------------------------------------------------
Sun May 25 00:07:37 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev278.g660d351:
  * Cleanup of ldap assignment backend

-------------------------------------------------------------------
Sat May 24 00:08:35 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev276.g7d09cdc:
  * LDAP fix for get_roles_for_user_and_project user=group ID
  * Mapping engine does not handle regex properly
  * Regenerate sample config
  * Stronger assertion for test_user_extra_attribute_mapping

-------------------------------------------------------------------
Fri May 23 00:08:17 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev268.g6c9b48f:
  * Reduce log noise on expired tokens
  * Fix version links to docs.openstack.org

-------------------------------------------------------------------
Wed May 21 23:44:59 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev264.g72f046f:
  * Remove all mostly untranslated PO files
  * SQL fix for get_roles_for_user_and_project user=group ID

-------------------------------------------------------------------
Sun May 18 23:44:07 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev261.g455d50e:
  * Add note for v3 API clients using auth plugin docs
  * Refactor test_auth trust related tests
  * Add mailmap entry

-------------------------------------------------------------------
Wed May 14 23:57:16 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev255.g3ca5ce4:
  * Make the LDAP debug option a configurable setting

-------------------------------------------------------------------
Tue May 13 23:57:10 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev253.g8697b39:
  * Add detailed federation configuration docs
  * Escape values in LDAP search filters

-------------------------------------------------------------------
Fri May  9 23:57:29 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev249.g401294d:
  * Reduce excess LDAP searches

-------------------------------------------------------------------
Tue May  6 23:56:04 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev248.g820e4f1:
  * Refactor create_trust for readability
  * Adds several more tests to the Python 3 test run

-------------------------------------------------------------------
Mon May  5 23:52:58 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev246.g3ec0c5e:
  * Fixed the policy tests in Python 3
  * Fixed the size limit tests in Python 3
  * Fix cache configuration checks

-------------------------------------------------------------------
Sat May  3 23:52:04 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev242.g1e6b45f:
  * setUp must be called on a fixture's parent first
  * First real Python 3 tests
  * Make the py33 Jenkins job happy

-------------------------------------------------------------------
Fri May  2 23:52:36 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev236.ga725b67:
  * fixed typos found by RETF rules in RST files
  * Remove the configure portion of extension docs
  * Ensure token is a string
  * Fixed some typos throughout the codebase
  * Allow 'description' in V3 Regions to be optional
  * More random values for oAuth1 verifier
  * Set proper DB_INIT_VERSION on db_version command
  * Sync with oslo-incubator 28fba9c
  * Check that all po/pot files are valid
  * Refactor service readiness notification

-------------------------------------------------------------------
Thu May  1 23:52:23 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev216.g1dde174:
  * Add rally performance gate job for keystone

-------------------------------------------------------------------
Wed Apr 30 23:52:37 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev214.g314c032:
  * Migration DB_INIT_VERSION in common place
  * Redundant unique constraint
  * Correct `nullable` values in models and migrations

-------------------------------------------------------------------
Tue Apr 29 23:53:02 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev208.g69ef772:
  * Move hacking code to a separate fixture
  * Some methods in ldap were moved to superclass
  * Use oslo.test mockpatch
  * Refactor notifications
  * Ignore broken endpoints in get_v3_catalog

-------------------------------------------------------------------
Sun Apr 27 00:42:01 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev198.gd4c4a96:
  * No longer allow listing users by email
  * Fix sql_upgrade tests run by themselves
  * Refactor test_password_hashed to the backend testers
  * Fix catalog Driver signatures

-------------------------------------------------------------------
Sat Apr 26 00:39:50 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev190.g64857e3:
  * Add localized response test
  * Make test_revoke expiry times distinct
  * Removed duplication with list_user_ids_for_project
  * Fix the "search for sql.py" files for db models
  * Sync with oslo-incubator 74ae271
  * Updated from global requirements
  * Compatible server default value in the models
  * Explicit foreign key indexes
  * Added statement for ... if ... else
  * More notification unit tests
  * Fix typo of ANS1 to ASN1

-------------------------------------------------------------------
Fri Apr 25 00:38:22 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev169.gb44ba65:
  * Imported Translations from Transifex
  * Fix typo on cache backend module

-------------------------------------------------------------------
Thu Apr 24 00:38:39 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev166.g2fea4a9:
  * Code which gets elements of tree in ldap moved to a common method
  * Include extra attributes in list results
  * Configurable token hash algorithm

-------------------------------------------------------------------
Wed Apr 23 00:39:36 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev160.gc267914:
  * Discourage use of pki_setup
  * Fixes for in-code documentation

-------------------------------------------------------------------
Tue Apr 22 00:42:40 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev156.gfd5a148:
  * add dependencies of keystone dev-enviroment

-------------------------------------------------------------------
Mon Apr 21 00:42:27 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev155.g0773c4e:
  * Remove LDAP password hashing code

-------------------------------------------------------------------
Sun Apr 20 00:43:45 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev153.gaca369f:
  * More efficient DN list for LDAP role delete
  * Allow any attributes in mapping

-------------------------------------------------------------------
Sat Apr 19 00:43:52 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev150.g4907779:
  * Don't re-raise instance
  * Enhance tests for user extra attribute mapping

-------------------------------------------------------------------
Fri Apr 18 00:43:41 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev146.ge55216e:
  * Isolate backend loading
  * Adding one more check on project_id
  * Cleanup of test_cert_setup tests

-------------------------------------------------------------------
Wed Apr 16 23:37:03 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev140.g0473e5a:
  * Add missing import, remove trailing ":" in middleware example
  * Sync with oslo-incubator 2fd457b
  * Remove unnecessary dict copy
  * Removed unused code

-------------------------------------------------------------------
Tue Apr 15 23:37:10 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev133.gde33c22:
  * Moves test database setup/teardown into a fixture
  * More debug output for test
  * Updated from global requirements

-------------------------------------------------------------------
Mon Apr 14 23:37:10 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev127.g4cc6a9c:
  * Collapse SQL Migrations

-------------------------------------------------------------------
Sat Apr 12 23:37:06 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev125.g58d71b9:
  * Refactor: moved flatten function to utils
  * Treat LDAP attribute names as case-insensitive
  * Adds style checks to ease reviewer burden
  * Refactor: move federation functions to federation utils
  * Convert test_backend_ldap to config fixture
  * Fix assertEqual arguments order(catalog, cert_setup, etc)

-------------------------------------------------------------------
Fri Apr 11 00:02:55 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev114.g9b580d2:
  * replace word 'by' with 'be'
  * List all forbidden attributes in the request body

-------------------------------------------------------------------
Thu Apr 10 00:03:22 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev110.gda4d4a1:
  * Adding more descriptive error message
  * Fixed wrong behavior in method search_s in BaseLdap class

-------------------------------------------------------------------
Wed Apr  9 00:03:37 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev108.gdc43f94:
  * Fix response for missing attributes in trust
  * Add tests for user ID with comma
  * Cleanup config.py

-------------------------------------------------------------------
Tue Apr  8 00:44:52 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev103.g76b396a:
  * Clean up config help text

-------------------------------------------------------------------
Sun Apr  6 00:41:27 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev101.g284511a:
  * Remove common.V3Controller.check_required_params() method

-------------------------------------------------------------------
Sat Apr  5 00:42:18 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev99.gdef83cc:
  * Fix invalid LDAP filter for user ID with comma
  * Remove assignment proxy methods/controllers
  * Remove legacy_endpoint_id and enabled from service catalog
  * Replace all use of mox with mock
  * Reduce environment logging
  * Add slowest output to tox runs (testr)

-------------------------------------------------------------------
Fri Apr  4 09:14:42 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev87.g8c53f42:
  * Fix parallel unit tests keystoneclient partial checkout
  * Sync from oslo db.sqlalchemy.migration
  * Removes unused db_sync methods
  * Removes useless wrapper from manager base class
  * For ldap, API wrongly reports user is in group
  * Keystone doesn't use pam
  * remove the unused variable in test_sql_upgrade

-------------------------------------------------------------------
Thu Apr  3 00:50:37 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev73.gd8c0c81:
  * Sanitizes authentication methods received in requests
  * Fix create_region_with_id raise 500 Error bug
  * Make service catalog include service name
  * Remove unused db_sync from extensions

-------------------------------------------------------------------
Wed Apr  2 00:56:06 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev65.gd33cd47:
  * support conventional domain name with one or more dot
  * Remove _delete_tokens function from federation controller

-------------------------------------------------------------------
Tue Apr  1 00:53:44 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev61.gb803fe8:
  * Fixed small capitalization issue
  * Removes some duplicate setup from a testcase
  * Updated from global requirements
  * Enable concurrent testing by default
  * Moves database setup/teardown closer to its usage
  * Fix assertEqual arguments order(auth_plugin, backend, backend_sql, etc)
  * Fix the order of assertEqual arguments(keystoneclient, kvs, etc)

-------------------------------------------------------------------
Mon Mar 31 12:22:22 UTC 2014 - speilicke@suse.com

- Add python-oslotest dependency to fix build

-------------------------------------------------------------------
Sun Mar 30 01:02:30 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev47.ge8d8306:
  * Fix Jenkins translation jobs

-------------------------------------------------------------------
Sat Mar 29 01:03:31 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev46.g7882359:
  * Cleanup ldap tests (mox and reset values)
  * Check domain_id with equality in assignment kvs
  * Imported Translations from Transifex
  * test_v3_token_id correctly hash token
  * Safer noqa handling
  * Expand the use of non-ascii values in ldap test
  * Properly handle unicode & utf-8 in LDAP
  * Refactor LDAP API
  * Remove unnecessary test setUps
  * Use CMS to generate sample tokens
  * Allows override of stdout/stderr/log capturing
  * Cleanup revocation query
  * Use assertIsNone when comparing against None
  * Removes the use of mutables as default args
  * Use assertIn in test_v3_catalog
  * Start using to oslotest
  * Fix test_provider_token_expiration_validation transient failure

-------------------------------------------------------------------
Fri Mar 28 01:03:04 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev13.ga5382fa:
  * Remove noqa form import _s
  * Use in-memory SQLite for sql migration tests
  * Use in-memory SQLite for testing
  * Remove extraenous instantiations of managers
  * Add placeholders for reserved migrations
  2014.1.rc1
  * code hygiene; use six.text_type, escape regexp's, use key function
  * Add a space after the hash for block comments

-------------------------------------------------------------------
Thu Mar 27 01:02:43 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.2.dev176.g724d056:
  * Open Juno development
  * Enable lazy translations in httpd/keystone.py
  * Avoid using .values() on the indexed columns
  * Imported Translations from Transifex
  * revert deprecation of v2 API
  * Updated from global requirements
  * Uses generator expressions instead of filter

-------------------------------------------------------------------
Wed Mar 26 01:04:09 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev162.g3056dc5:
  * exclude disabled services from the catalog
  * refactor AuthCatalog tests
  * Rename keystone.tests.fixtures
  * Change the default version discovery URLs
  * Remove extra cache layer debugging
  * Fix doc build errors with SQLAlchemy 0.9
  * Sync oslo-incubator db.sqlalchemy b9e2499
  * Always include 'enabled' field in service response

-------------------------------------------------------------------
Tue Mar 25 01:04:33 UTC 2014 - cloud-devel@suse.de

- Rebased patches:
  + 0001-Create-TMPDIR-for-tests-recursively.patch dropped (merged upstream)

-------------------------------------------------------------------
Tue Mar 25 01:04:28 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev146.ge7b3005:
  * Create TMPDIR for tests recursively
  * test tcp_keepidle only if it's available on the current platform
  * Add dedicated URL for issuing unscoped federation tokens

-------------------------------------------------------------------
Mon Mar 24 01:03:17 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev141.g0fb0dfd:
  * Filter SAML2 assertion parameters with certain prefix

-------------------------------------------------------------------
Sun Mar 23 01:04:10 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev139.g1e84251:
  * Use oslo db.sqlalchemy.session.EngineFacade.from_config

-------------------------------------------------------------------
Sat Mar 22 01:02:46 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev137.ga3c7553:
  * Add support for parallel testr workers in Keystone
  * is_revoked check all viable subtrees
  * update sample conf
  * explicitly import gettext function
  * expires_at should be in a tuple not turned into one
  * Comparisons should account for instantaneous test execution
  * Make domain_id immutable by default
  * Do not expose internal data on UnexpectedError
  * Filter LDAP dumb member when listing role assignments

-------------------------------------------------------------------
Fri Mar 21 00:57:29 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev121.gff88763:
  * Ability to turn off ldap referral chasing
  * Add user_id when calling populate_roles_for_groups
  * Store groups ids objects list in the OS-FEDERATION object
  * Uses explicit imports for _
  * Rename scope_to_bad_project() to test_scope_to_bad_project()
  * Make LIVE Tests configurable with ENV

-------------------------------------------------------------------
Wed Mar 19 01:09:28 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev109.gd4574a7:
  * Move test .conf files to keystone/tests/config_files
  * Removal of test .conf files

-------------------------------------------------------------------
Tue Mar 18 10:31:49 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev105.gd906f57:
  * Filter out nonstring environment variables before rules mapping
  * Provide option to make domain_id immutable
  * Replace httplib.HTTPSConnection in ec2_token
  * Don't automatically enable revocation events
  * Ensure v3policysample correctly limits domain_admin access
  * Sync db, db.sqlalchemy from oslo-incubator 0a3436f
  * Do not use keystone.conf.sample in tests
  * Use class attribute to represent 'user' and 'group'
  * trust creation allowed with empty roles list

-------------------------------------------------------------------
Sat Mar 15 01:12:05 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev88.gcd3b6f6:
  * Update sample config
  * remove hardcoded SQL queries in tests
  * Fix db_version failed with wrong arguments

-------------------------------------------------------------------
Fri Mar 14 00:57:36 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev82.g358674a:
  * Updated from global requirements
  * Remove unnecessary oauth1.Manager constructions
  * Enforce groups presence for federated authn
  * Very minor cleanup to default_fixtures
  * Cleanup keystoneclient tests
  * Cleanup fixture data added to test instances
  * Cleans up test data from limit tests
  * Cleanup of instance attrs in core tests
  * Cleanup backends after each test
  * Fix include only enabled endpoints in catalog
  * Add unit tests for disabled endpoints in catalog
  * Add OS-OAUTH1 to consumers links section

-------------------------------------------------------------------
Thu Mar 13 01:39:50 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev58.gcb742d0:
  * Fixup region description uniqueness
  * Add missing documentation for enabling oauth1 auth plugin
  * Configurable temporary directory for tests

-------------------------------------------------------------------
Wed Mar 12 00:55:39 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev52.g989dd71:
  * Add missing documentation for enabling federation auth plugin
  * Call an existing method in sync cache for revoke events
  * Remove unnecessary calls to self.config()
  * Import order is fixed

-------------------------------------------------------------------
Tue Mar 11 01:34:48 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev45.gfb8209e:
  * Use config fixture

-------------------------------------------------------------------
Mon Mar 10 16:21:20 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev43.g58bb5e9:
  * Fix docstrings in federation related modules
  * Sync db, db.sqlalchemy, gettextutils from oslo-incubator 6ba44fd
  * V3 xml responses should use v3 namespace
  2014.1.b3
  * Update ADMIN_TOKEN description in docs
  * Remove unused function from tests
  * Don't need session.flush in context managed by session
  * Remove vim headers
  * Removes use of timeutils.set_time_override
  * Removes a redundant test
  * revocation_list only call isotime on datetime objects
  * Handle exception messages with six.text_type
  * Fix webob.exc.HTTPForbidden parameter miss

-------------------------------------------------------------------
Thu Mar  6 16:31:18 UTC 2014 - speilicke@suse.com

- Fix requirements

-------------------------------------------------------------------
Thu Mar  6 16:20:17 UTC 2014 - speilicke@suse.com

- Update to version keystone-2014.1.dev515.g8c168bc:
  * v3 endpoint create should require url

-------------------------------------------------------------------
Thu Mar  6 15:15:26 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev513.g7913636:
  * Mark revoke as experimental
  * Imported Translations from Transifex
  * allow create credential with the system admin token
  * Always include 'enabled' field in endpoint response
  * Add the last of the outstanding helpstrings to config
  * Update curl api example to specify tenant
  * Update Oslo wiki link in README
  * Lazy gettextutils behavior
  * Update Oslo wiki link in README

-------------------------------------------------------------------
Thu Mar  6 00:55:38 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev495.g388155c:
  * Stop gating on up-to-date sample config file
  * Token Revocation Extension

-------------------------------------------------------------------
Wed Mar  5 01:00:25 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev492.g4bec42e:
  * drop key distribution from icehouse
  * Limited use trusts
  * Remove common.sql.migration

-------------------------------------------------------------------
Tue Mar  4 01:31:16 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev487.ge9c5a00:
  * Properly configure OS-EP-FILTER test backend
  * Add tests for endpoint enabled
  * Remove the un-used and non-maintained PAM identity backend
  * SQLAlchemy Change to support more strict dialect checking
  * Update oslo-incubator log.py to a01f79c

-------------------------------------------------------------------
Mon Mar  3 11:55:18 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev477.gfb19984:
  * deprecate XML support in favor of JSON
  * Remove unused variable
  * Replace assertEqual(None, *) with assertIsNone in tests
  * Fix assertEqual arguments order(_ldap_tls_livetest, backend_kvs, etc)

-------------------------------------------------------------------
Mon Mar  3 01:34:37 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev469.g0908a0b:
  * Remove paste_deploy from test_overrides.conf
  * Remove "test-only" pam config options
  * Imported Translations from Transifex
  * Fix assertEqual arguments order(backend_ldap, cache, v3_protection)
  * add policy entries for /v3/regions

-------------------------------------------------------------------
Sun Mar  2 00:46:10 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev460.g42e2375:
  * Fix get project users when no user exists
  * Implement V3 Specific Version of EC2 Contrib
  * Support authentication via SAML 2.0 assertions
  * oauth1 extension migration fails with DB2

-------------------------------------------------------------------
Sat Mar  1 01:13:15 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev453.g716c52c:
  * Fix table name typo in test_sql_upgrade
  * Cleanup and add more config help strings
  * Ensure v2 API only returns projects in the default domain
  * Fix the order of assertEqual arguments(v3_auth, v3_identity)

-------------------------------------------------------------------
Thu Feb 27 01:31:01 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev445.g9663fa8:
  * Support for mongo as dogpile cache backend
  * Fix issue with DB upgrade to assignment table
  * Remove duplicated cms file

-------------------------------------------------------------------
Wed Feb 26 00:38:50 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev440.g8c8f776:
  * Unimplemented error on V3 get token
  * Updated from global requirements
  * Fix keystone-manage db_version
  * Remove redundant default value None for dict.get
  * Always hash passwords on their way into the DB
  * Refactor tests move assertValidErrorResponse

-------------------------------------------------------------------
Tue Feb 25 01:33:05 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev428.gb5a26b3:
  * Move _BaseController to common/controllers.py
  * Remove oslo rpc
  * Uses the venv virtualenv for the pep8 command
  * Update man pages
  * Remove auth_token middleware doc

-------------------------------------------------------------------
Mon Feb 24 01:10:26 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev418.g8bc0433:
  * Sync db.exception from Oslo
  * Add tests for create grant when no group
  * Add tests for create grant when no user
  * Add version routes to KDS
  * KDS fix documented exception
  * Remove unused method _get_domain_id_from_auth

-------------------------------------------------------------------
Sun Feb 23 00:54:50 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev406.g72b794f:
  * Remove oslo notifier
  * Keystone doc has wrong keystone-manage command

-------------------------------------------------------------------
Sat Feb 22 00:54:41 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev402.g932647d:
  * Correct a docstring in keystone.common.config
  * Enable pep8 test against auto-generated configuration
  * Update config options with helpstrings and generate sample
  * strengthen assertion for unscoped tokens
  * bad config user_enable_emulation in mask test
  * Fix test_provider_token_expiration_validation transient failure
  * Update oslo-incubator fixture to 81c478
  * Mark strings for translation in ldap backends

-------------------------------------------------------------------
Fri Feb 21 01:35:55 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev386.g472cc5e:
  * Fix assertEqual arguments order
  * Remove sql.Base
  * Add test for list project users when no user

-------------------------------------------------------------------
Thu Feb 20 15:33:47 UTC 2014 - dmueller@suse.com

- Update to version keystone-2014.1.dev381.g9fbb60d:
  * Convert Token Memcache backend to new KeyValueStore Impl
  * Implement mechanism to provide non-expiring keys in KVS
  * Rationalize the Assignment Grant Tables
  * Keystone team uses #openstack-keystone now
  * Adds model mixin for {to,from}_dict functionality
  * Adds Cloud Audit (CADF) Support for keystone authentication
  * Use class attribute to represent 'project'
  * Switch over to oslosphinx
  * Replace notifier with oslo.messaging
  * Clean StatsController unnecesary members
  * Use global to represent OS-TRUST:trust
  * Additional notifications for revocations
  * Use Oslo.db migration
  * `find_migrate_repo` improvement
  * Variable 'domain_ref' referenced before assignment
  * Cleanup Dogpile KVS Memcache backend support
  * Restructure KDS options to be more like Keystone's options
  * Setup code for auto-config sample generation
  * Correct `find_migrate_repo` usage
  * Make live LDAP user DN match the default from devstack
  * Set sensible default for keystone's paste
  * Treat sphinx warnings as errors
  * Use WebOb directly in ec2_token middleware
  * Add lockfile and kombu as requirements for keystone
  * Move filter_limit_query out of sql.Base
  * List trusts, incorrect self link
  * LDAP: document enabled_emulation
  * Provide clearer error when deleting enabled domain
  * Cleanup oauth tests
  * Correctly normalize consumer fields on update

-------------------------------------------------------------------
Fri Feb 14 07:44:02 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev310.ge8f8c17:
  * Remove s3_token functional tests
  * Remove copyright from empty files
  * Syncing policy engine from oslo-incubator
  * Rename Openstack to OpenStack
  * Refactor get role for trust
  * Adds a fixture for setting up the cache
  * Fixes bug in exception message generation
  * reverse my preferred mailmap
  * Notifications upon disable
  * Move identity logic from controller to manager
  * Changing testcase name to match our terminology
  * explicitly expect hints in the @truncated signature
  * list limit doc cleanup
  * Correct error class in find_migrate_repo
  * Enforce current certificate retrieval behaviour
  * Use WebOb directly for locale testing
  * Doc - Keystone configuration - moving RBAC section
  * Do not use auth_info objects for accessing the API
  * Update kvs assignment backend docs
  * Remove vim header
  * Document priority level on Keystone notifications
  * Uses six.iteritems for Python3 compat
  * Use message when creating Unauthorized exception
  * Use passed filter dict param in core sql filtering
  * Tests use setUp rather than init
  * Tests remove useless config list cleanup code
  * Reference dogpile.cache.memcached backend properly
  * Safe command handling for openssl

-------------------------------------------------------------------
Thu Feb 13 01:25:31 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev255.g586a3ff:
  * Allow specifying region ID when creating region
  * Cleanup KDS doc build errors
  * Add in functionality to set key_mangler on dogpile backends
  * Fix indentation issue
  * Cleanup invalid token exception text
  * Fixes a misspelling
  * Doc - Detailing objects' attributes available for policy.json
  * Remove unused method _get_domain_conf
  * Remove unused method _store_protocol
  * Remove tox locale overrides
  * Remove unused methods from AuthInfo
  * Remove unused method _create_metadata
  * revise example extension directory structure
  * Update db.sqlalchemy.session from oslo-incubator 018138
  * Do not call deprecated functions
  * Fixes a Python3 syntax error using raise
  * Uses six.text_type instead of unicode
  * Removes xrange for Python3 compat
  * Cleanup sample config
  * Remove unused variable assignment
  * Remove legacy diablo and essex test cruft
  * Enhancing tests to check project deletion in Active Directory
  * Change assertTrue(isinstance()) by optimal assert
  * sync oslo-incubator log.py
  * turn off eventlet.wsgi debug

-------------------------------------------------------------------
Wed Feb 12 00:55:22 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev205.gfcc1547:
  * Adds rule processing for mapping
  * Limit calls to memcache backend as user token index increases in size
  * Implement list limiting support in driver backends
  * Update the default_log_levels defaults
  * Correct sample config default log levels

-------------------------------------------------------------------
Tue Feb 11 14:45:56 UTC 2014 -  cloud-devel@suse.de

- Update to version keystone-2014.1.dev195.g6ed19c2:
  * Style the code examples in docs as python
  * Deprecate s3_token middleware
  * Update requirements to 661e6
  * Fix misspellings in keystone
  * Removes use of fake_notify and fixes notify test
  * Remove host from per notification options
  * Remove default_notification_level from conf
  * Mock sys.exit in testing
  * Move v3_to_v2_user from manager to controller
  * Adds tcp_keepalive and tcp_keepidle config options
  * clean up keystone-manage man page
  * Fix indentation errors found by Pep8 1.4.6+
  * Fix assignment to not require user or group existence
  * cleaned up extension development docs
  * Tests initialize database
  * Improve forbidden checks
  * rename templated.TemplatedCatalog to templated.Catalog

-------------------------------------------------------------------
Wed Feb  5 15:41:43 UTC 2014 - speilicke@suse.com

- Update to version keystone-2014.1.dev161.g211bfc3:
  * Ensure mapping rule has only local and remote properties
  * fix grammar error in keystone-manage.rst
  * Add rules to be a required field for mapping schema
  * Cleanup docstrings
  * Removes useless string
  * Removes duplicate key from test fixtures
  * Add tests to ensure additional remote properties are not validated
  * Change 'oauth_extension' to 'oauth1_extension'
  * Modified keystone endpoint-create default region
  * Load the federation manager
  * Sync oslo's policy module
  * Replace urllib/urlparse with six.moves.*
  * Change Continuous Integration Project link
  * Refactor Auth plugin configuration options
  * Use self.opt_in_group overrides
  * Federation IdentityProvider filter fields on update response
  * Remove unnecessary test methods
  * Refactor federation controller class hierarchy
  * Refactor mutable parameter handling
  * Make error strings translatable
  * Add required properties field to rules schema
  * deprecate access log middleware
  * remove access log middleware from the default paste pipeline
  * deprecate v2.0 API in multiple choice response
  * Add a docstring and rename mapping tests
  * Remove versionId, versionInfo, versionList from examples
  * Don't set default for a nullable column
  * Remove autoincrement from String column

-------------------------------------------------------------------
Mon Mar 18 10:41:35 UTC 2013 - speilicke@suse.com

- Drop +git.$TIMESTAMP.$COMMITHASH version suffix 

-------------------------------------------------------------------
Fri Feb 22 10:25:35 UTC 2013 - saschpe@suse.de

- Require openstack-suse-macros instead of openstack-macros

-------------------------------------------------------------------
Wed Dec 19 15:37:39 UTC 2012 - saschpe@suse.de

- It's a noarch package

--------------------------------------------------------------------
Wed Dec 19 12:40:14 UTC 2012 - saschpe@suse.de

- Move to obs-service-git_tarballs
- Update to version 2012.2.3+git.1355917214.0c8c2a3:
  + Merge commit 'refs/changes/01/17901/1' of ssh://review.openstack.org:29418/openstack/keystone into stable/folsom
  + Bump next version to 2012.2.3
  + Ensure serviceCatalog is list when empty, not dict

-------------------------------------------------------------------
Thu Nov 22 10:41:32 UTC 2012 - saschpe@suse.de

- Initial version