Queens Series Release Notes¶

17.0.4-15¶

Bug Fixes¶

The conditional that determines whether the sso_callback_template.html file is deployed for federated deployments has been fixed.

17.0.0¶

New Features¶

Extra headers can be added to Keystone responses by adding items to keystone_extra_headers. Example:

keystone_extra_headers:
  - parameter: "Access-Control-Expose-Headers"
    value: "X-Subject-Token"
  - parameter: "Access-Control-Allow-Headers"
    value: "Content-Type, X-Auth-Token"
  - parameter: "Access-Control-Allow-Origin"
    value: "*"

Deprecation Notes¶

The variables keystone_memcached_servers and keystone_cache_backend_argument have been deprecated in favor of keystone_cache_servers, a list of servers for caching purposes.

Security Issues¶

The following headers were added as additional default (and static) values. X-Content-Type-Options nosniff, X-XSS-Protection “1; mode=block”, and Content-Security-Policy “default-src ‘self’ https: wss:;”. Additionally, the X-Frame-Options DENY header was added, defaulting to DENY. You may override the header via the keystone_x_frame_options variable.

Queens Series Release Notes

Queens Series Release Notes¶

17.0.4-15¶

Bug Fixes¶

17.0.0¶

New Features¶

Deprecation Notes¶

Security Issues¶

OpenStack-Ansible

Page Contents