Xena Series Release Notes


New Features

  • The new keystone::notification_opt_out parameter has been added.


New Features

  • Added description parameter to keystone_user resource.

  • The keystone::federation::ipenidc class now supports the new openidc_response_mode parameter, to customize mod_auth_openidc response mode.

Security Issues

  • Content of fernet keys and credential keys are now hidden from output, when these files are updated.


New Features

  • Adds new purge_config parameter. When set to true, the policy file is cleared during configuration process. This allows to remove any existing rules before applying them or clean the file when all policies got removed.


New Features

  • Adding the following configurable items for OpenID:

    • keystone::federation::openidc::openidc_pass_userinfo_as to set OIDCPassUserInfoAs

    • keystone::federation::openidc::openidc_pass_claim_as to set OIDCPassClaimsAs


Upgrade Notes

  • Fedora is no longer supported.


New Features

  • There is now a new policy_dirs parameter in the keystone::policy class, so one can set a custom path.

  • A new class keystone::wsgi::uwsgi exist to allow configuring uwsgi in operating systems that support this (ie: currently Debian). This helps configuring the number of processes, threads and listen socket. Also, a new keystone_wsgi_config provider now exist.