openstack-attic/identity-api
Code Issues Proposed changes
identity-api/openstack-identity-api/v2.0/src/docbkx/HP-IDM/HP-IDM.xml
Andreas Jaeger e4ef1a357f Pretty print JSON sample files and remove unused files 
Pretty print JSON samples to follow JSON formatting conventions.

Replace JSON and XML files with reference to api-site, so that we only
have one place with these files.

Remove unused JSON and XML sample files.

Co-Autored-By: Diane Fleming <diane.fleming@rackspace.com>

Partial-Bug: #1217503

Change-Id: If7b98a321b373d183859ba1ebce5cdd131b43161
2014-05-10 18:57:50 +02:00

168 lines
6.6 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!-- Information about the extension -->
<!ENTITY PUB_DATE "2011-12-21">
<!ENTITY ALIAS "HP-IDM">
<!ENTITY NAMESPACE "http://docs.openstack.org/identity/api/ext/HP-IDM/v1.0">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"
xmlns:acme="http://docs.acme.org/servers/api/ext/template/v1.0"
xmlns:wadl="http://wadl.dev.java.net/2009/02"
xmlns:osapi="http://docs.openstack.org/compute/api/v1.1"
version="5.0" xml:id="hp-idm" status="DRAFT">
<title>OpenStack Identity HP-IDM Extension</title>
<titleabbrev>&ALIAS;</titleabbrev>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>HP</orgname>
</affiliation>
</author>
<copyright>
<year>2011</year>
<holder>Hewlett-Packard Development Company L.P.</holder>
</copyright>
<productname>OpenStack Identity</productname>
<pubdate>&PUB_DATE;</pubdate>
<legalnotice role="apache2">
<annotation>
<remark>Copyright details are filled in by the template.</remark>
</annotation>
</legalnotice>
<othercredit>
<personname>
<firstname>Guang</firstname>
<surname>Yee</surname>
</personname>
<email>guang.yee@hp.com</email>
</othercredit>
<extension
xmlns="http://docs.openstack.org/common/api/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
name="HP Token Validation Extension"
namespace="http://docs.openstack.org/identity/api/ext/HP-IDM/v1.0"
alias="HP-IDM"
updated="2011-12-06T17:00:00-00:00">
<description>
Validates tokens with the optional HP-IDM-serviceId
parameter so that only the roles associated with the
given service IDs are returned. See
<link xlink:href="https://bugs.launchpad.net/keystone/+bug/890411">https://bugs.launchpad.net/keystone/+bug/890411</link> for more
details.
</description>
<atom:link rel="describedby"
type="application/pdf"
href="https://github.com/openstack/keystone/raw/master/keystone/content/admin/HP-IDM-admin-devguide.pdf"/>
<atom:link rel="describedby"
type="application/vnd.sun.wadl+xml"
href="https://raw.github.com/openstack/keystone/master/keystone/content/admin/HP-IDM-admin.wadl"/>
</extension>
<abstract>
<!--
Insert a short description of your template. This is used
in the copyright statement.
-->
<para>HP-IDM Extension For Token Validation.</para>
</abstract>
<!--
Revision history goes here. The docs system can turn this
into an atom feed.
-->
<revhistory>
<revision>
<date>2011-12-21</date>
<revdescription>
<itemizedlist spacing="compact">
<listitem>
<para>
Initial version.
</para>
</listitem>
</itemizedlist>
</revdescription>
</revision>
</revhistory>
</info>
<chapter xml:id="hp-idm_summary-of-changes">
<title>Summary of Changes</title>
<!--
Provide an overall summary of the extension. Give an
overview of how the extensions works and what capabilities it
adds.
-->
<section xml:id="hp-idm-overview"><title>HP-IDM Admin Extension</title><para>
The HP-IDM Admin extension adds capability to filter roles
with optional service IDs for token validation to mitigate security risks
with role name conflicts.
See
<link xlink:href="https://bugs.launchpad.net/keystone/+bug/890411">
https://bugs.launchpad.net/keystone/+bug/890411
</link>
for more details.
</para>
<!--
The following examples should illustrate the extension query
response.
-->
<example>
<title>Sample Valid Token Request</title>
<programlisting language="http"><xi:include href="samples/sample_request.txt" parse="text"/></programlisting>
</example>
<example>
<title>Sample Valid Token Request with Global Service ID Specified</title>
<programlisting language="xml"><xi:include href="samples/sample_request_with_global_sid.txt" parse="text"/></programlisting>
</example>
<section xml:id="hp-idm-new-headers">
<title>New Headers</title>
<!--
Describe any new headers, if any.
-->
<para>None.</para>
</section>
<section xml:id="hp-idm-new-faults">
<title>New Faults</title>
<!--
Describe any new faults, if any. Make sure you specify
if the fault can be expectid in all requests.
-->
<para>None.</para>
</section>
<section xml:id="hp-idm-new-resources" role="api-reference">
<title>New Resources</title>
<para>
No new resource. HP-IDM Extension merely introduced a new optional HP-IDM-serviceId parameter for the validate token operations. The following APIs are affected.
</para>
<section xml:id="hp-idm-validate-tokens">
<title>HP-IDM Admin Extension</title>
<para>
Use the HP-IDM extension to perform the following operations on templates:
</para>
<wadl:resources>
<wadl:resource href="http://git.openstack.org/cgit/openstack/api-site/plain/api-ref/src/wadls/identity-api/src/v2.0/wadl/HP-IDM-admin.wadl#tokenById"/>
</wadl:resources>
</section>
</section>
</section>
</chapter>
</book>
View Git Blame Copy Permalink