Current Series Release Notes

Current Series Release Notes

5.3.0-5

Bug Fixes

  • [bug 1649735] The auth_token middleware no longer attempts to retrieve the revocation list from the Keystone server. The deprecated options check_revocations_for_cached and check_revocations_for_cached have been removed.
  • [bug 1800017] Fix audit middleware service catalog parsing for the scenario where a service does not contain any endpoints. In that case, we should just skip over that service.
  • [bug 1797584] Fixed a bug where the audit code would select the wrong target service if the OpenStack service endpoints were not using unique TCP ports.

5.3.0

Bug Fixes

  • [bug 1789351] Fixed the bug that when initialize AuthProtocol, it’ll raise “dictionary changed size during iteration” error if the input CONF object contains deprecated options.
  • When delay_auth_decision is enabled and a Keystone failure prevents a final decision about whether a token is valid or invalid, it will be marked invalid and the application will be responsible for a final auth decision. This is similar to what happens when a token is confirmed not valid. This allows a Keystone outage to only affect Keystone users in a multi-auth system.

5.1.0

New Features

  • [bug 1762362] The value of the header “WWW-Authenticate” in a 401 (Unauthorized) response now is double quoted to follow the RFC requirement.

Bug Fixes

  • [bug 1766731] Keystonemiddleware now supports system scoped tokens. When a system-scoped token is parsed by auth_token middleware, it will set the OpenStack-System-Scope header accordingly.
Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.