# SOME DESCRIPTIVE TITLE.
# Copyright (C) 2015, Keystone Developers
# This file is distributed under the same license as the keystonemiddleware package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: keystonemiddleware \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2025-04-19 04:06+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"

#: ../../<reno.sphinxext unmaintained/2023.1>:23
msgid "10.0.0"
msgstr ""

#: ../../<reno.sphinxext unmaintained/2023.1>:5 unmaintained/zed>:5
msgid "10.1.0"
msgstr ""

#: ../../<reno.sphinxext stable/2023.2>:5
msgid "10.3.0"
msgstr ""

#: ../../<reno.sphinxext stable/2024.1>:5
msgid "10.5.0"
msgstr ""

#: ../../<reno.sphinxext stable/2025.1>:24
msgid "10.8.0"
msgstr ""

#: ../../<reno.sphinxext stable/2025.1>:5
msgid "10.9.0"
msgstr ""

#: ../../<reno.sphinxext branch>:5 current
msgid "10.9.0-5"
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:38 unmaintained/2023.1>:582
#: unmaintained/wallaby>:508 unmaintained/yoga>:548
msgid "4.1.0"
msgstr ""

#: ../../<reno.sphinxext origin/stable/ocata>:5 unmaintained/2023.1>:423
#: unmaintained/wallaby>:349 unmaintained/yoga>:389
msgid "4.12.0"
msgstr ""

#: ../../<reno.sphinxext stable/pike>:38 unmaintained/2023.1>:390
#: unmaintained/wallaby>:316 unmaintained/yoga>:356
msgid "4.16.0"
msgstr ""

#: ../../<reno.sphinxext stable/pike>:23
msgid "4.17.1"
msgstr ""

#: ../../<reno.sphinxext stable/pike>:5
msgid "4.17.1-3"
msgstr ""

#: ../../<reno.sphinxext stable/queens>:72 unmaintained/2023.1>:370
#: unmaintained/wallaby>:296 unmaintained/yoga>:336
msgid "4.18.0"
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:20 unmaintained/2023.1>:564
#: unmaintained/wallaby>:490 unmaintained/yoga>:530
msgid "4.2.0"
msgstr ""

#: ../../<reno.sphinxext stable/queens>:51 unmaintained/2023.1>:349
#: unmaintained/wallaby>:275 unmaintained/yoga>:315
msgid "4.20.0"
msgstr ""

#: ../../<reno.sphinxext stable/queens>:23
msgid "4.22.0"
msgstr ""

#: ../../<reno.sphinxext stable/queens>:5
msgid "4.22.0-2"
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:5 unmaintained/2023.1>:549
#: unmaintained/wallaby>:475 unmaintained/yoga>:515
msgid "4.3.0"
msgstr ""

#: ../../<reno.sphinxext origin/stable/newton>:53 unmaintained/2023.1>:520
#: unmaintained/wallaby>:446 unmaintained/yoga>:486
msgid "4.5.0"
msgstr ""

#: ../../<reno.sphinxext origin/stable/newton>:5 unmaintained/2023.1>:472
#: unmaintained/wallaby>:398 unmaintained/yoga>:438
msgid "4.6.0"
msgstr ""

#: ../../<reno.sphinxext stable/rocky>:95 unmaintained/2023.1>:309
#: unmaintained/wallaby>:235 unmaintained/yoga>:275
msgid "5.0.0"
msgstr ""

#: ../../<reno.sphinxext stable/rocky>:67 unmaintained/2023.1>:281
#: unmaintained/wallaby>:207 unmaintained/yoga>:247
msgid "5.1.0"
msgstr ""

#: ../../<reno.sphinxext stable/rocky>:52
msgid "5.2.0"
msgstr ""

#: ../../<reno.sphinxext stable/rocky>:34
msgid "5.2.1"
msgstr ""

#: ../../<reno.sphinxext stable/rocky>:5
msgid "5.2.2"
msgstr ""

#: ../../<reno.sphinxext stable/stein>:75 unmaintained/2023.1>:257
#: unmaintained/wallaby>:183 unmaintained/yoga>:223
msgid "5.3.0"
msgstr ""

#: ../../<reno.sphinxext stable/stein>:21 unmaintained/2023.1>:192
#: unmaintained/wallaby>:118 unmaintained/yoga>:158
msgid "6.0.0"
msgstr ""

#: ../../<reno.sphinxext stable/stein>:5
msgid "6.0.1"
msgstr ""

#: ../../<reno.sphinxext stable/train>:23 unmaintained/2023.1>:172
#: unmaintained/wallaby>:98 unmaintained/yoga>:138
msgid "6.1.0"
msgstr ""

#: ../../<reno.sphinxext stable/train>:5 unmaintained/2023.1>:154
#: unmaintained/wallaby>:80 unmaintained/yoga>:120
msgid "7.0.0"
msgstr ""

#: ../../<reno.sphinxext stable/ussuri>:49 unmaintained/2023.1>:123
#: unmaintained/wallaby>:49 unmaintained/yoga>:89
msgid "8.0.0"
msgstr ""

#: ../../<reno.sphinxext stable/ussuri>:32 unmaintained/2023.1>:106
#: unmaintained/wallaby>:32 unmaintained/yoga>:72
msgid "9.0.0"
msgstr ""

#: ../../<reno.sphinxext stable/ussuri>:5 unmaintained/2023.1>:79
#: unmaintained/victoria>:5 unmaintained/wallaby>:5 unmaintained/yoga>:45
msgid "9.1.0"
msgstr ""

#: ../../<reno.sphinxext unmaintained/2023.1>:39 unmaintained/xena>:5
#: unmaintained/yoga>:5
msgid "9.3.0"
msgstr ""

#: ../../<reno.sphinxext origin/stable/newton>:66 unmaintained/2023.1>:533
#: unmaintained/wallaby>:459 unmaintained/yoga>:499
msgid ""
"A new configuration option for the s3token middleware called auth_uri can be "
"used to set the URI to be used for authentication. This replaces auth_host, "
"auth_port, and auth_protocol."
msgstr ""

#: ../../<reno.sphinxext origin/stable/newton>:14 unmaintained/2023.1>:481
#: unmaintained/wallaby>:407 unmaintained/yoga>:447
msgid "Add the `X_IS_ADMIN_PROJECT` header."
msgstr ""

#: ../../<reno.sphinxext stable/2025.1>:14
msgid ""
"Add the feature to support SASL for keystonemiddleware to improve the "
"security of authority. memcache_sasl_enabled: enable the SASL option or not. "
"memcache_username: the user name for the SASL memcache_password: the user "
"password for SASL"
msgstr ""

#: ../../<reno.sphinxext origin/stable/newton>:33 unmaintained/2023.1>:500
#: unmaintained/wallaby>:426 unmaintained/yoga>:466
msgid ""
"Added the `X_IS_ADMIN_PROJECT` header to authenticated headers. This has the "
"string value of 'True' or 'False' and can be used to enforce admin project "
"policies."
msgstr ""

#: ../../<reno.sphinxext origin/stable/ocata>:24 unmaintained/2023.1>:442
#: unmaintained/wallaby>:368 unmaintained/yoga>:408
msgid ""
"AuthToken middleware will now allow fetching an expired token when a valid "
"service token is present. This service token must contain any one of the "
"roles specified in ``service_token_roles``."
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:63 origin/stable/newton>:39
#: stable/2024.1>:31 stable/pike>:10 stable/pike>:59 stable/queens>:10
#: stable/queens>:38 stable/queens>:56 stable/rocky>:21 stable/rocky>:39
#: stable/rocky>:57 stable/rocky>:82 stable/rocky>:110 stable/stein>:36
#: stable/stein>:80 unmaintained/2023.1>:217 unmaintained/2023.1>:262
#: unmaintained/2023.1>:296 unmaintained/2023.1>:324 unmaintained/2023.1>:354
#: unmaintained/2023.1>:411 unmaintained/2023.1>:506 unmaintained/2023.1>:607
#: unmaintained/wallaby>:143 unmaintained/wallaby>:188
#: unmaintained/wallaby>:222 unmaintained/wallaby>:250
#: unmaintained/wallaby>:280 unmaintained/wallaby>:337
#: unmaintained/wallaby>:432 unmaintained/wallaby>:533 unmaintained/yoga>:183
#: unmaintained/yoga>:228 unmaintained/yoga>:262 unmaintained/yoga>:290
#: unmaintained/yoga>:320 unmaintained/yoga>:377 unmaintained/yoga>:472
#: unmaintained/yoga>:573
msgid "Bug Fixes"
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:25 origin/stable/newton>:72
#: origin/stable/ocata>:44 stable/queens>:77 unmaintained/2023.1>:62
#: unmaintained/2023.1>:375 unmaintained/2023.1>:462 unmaintained/2023.1>:539
#: unmaintained/2023.1>:569 unmaintained/wallaby>:301 unmaintained/wallaby>:388
#: unmaintained/wallaby>:465 unmaintained/wallaby>:495 unmaintained/xena>:28
#: unmaintained/yoga>:28 unmaintained/yoga>:341 unmaintained/yoga>:428
#: unmaintained/yoga>:505 unmaintained/yoga>:535
msgid "Deprecation Notes"
msgstr ""

#: ../../<reno.sphinxext origin/stable/ocata>:14 unmaintained/2023.1>:432
#: unmaintained/wallaby>:358 unmaintained/yoga>:398
msgid ""
"Fetching expired tokens when using a valid service token is now allowed. "
"This will help with long running operations that must continue between "
"services longer than the original expiry of the token."
msgstr ""

#: ../../<reno.sphinxext origin/stable/ocata>:48 unmaintained/2023.1>:466
#: unmaintained/wallaby>:392 unmaintained/yoga>:432
msgid ""
"For backwards compatibility the ``service_token_roles_required`` option in "
"``[keystone_authtoken]`` was added. The option defaults to ``False`` and has "
"been immediately deprecated. This will allow the current behaviour that "
"service tokens are validated but not checked for roles to continue. The "
"option should be set to ``True`` as soon as possible. The option will "
"default to ``True`` in a future release."
msgstr ""

#: ../../<reno.sphinxext stable/2024.1>:35
msgid ""
"In situation of encryption using memcached. Its possible that data in "
"memcached becomes un-decryptable. The previous implementation of token cache "
"was not correctly handling the case."
msgstr ""

#: ../../<reno.sphinxext unmaintained/2023.1>:70 unmaintained/xena>:36
#: unmaintained/yoga>:36
msgid ""
"It is recommended that the ``memcache_use_advanced_pool`` option is set to "
"``True`` in the ``keystone_authtoken`` configuration section of the various "
"services (e.g. nova, glance, ...) when memcached is used for token cache."
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:10 origin/stable/mitaka>:43
#: origin/stable/newton>:20 origin/stable/newton>:58 origin/stable/ocata>:20
#: stable/2023.2>:10 stable/2024.1>:10 stable/2025.1>:10 stable/pike>:28
#: stable/queens>:28 stable/rocky>:72 stable/rocky>:100 stable/stein>:26
#: stable/train>:10 stable/train>:28 unmaintained/2023.1>:10
#: unmaintained/2023.1>:159 unmaintained/2023.1>:177 unmaintained/2023.1>:197
#: unmaintained/2023.1>:286 unmaintained/2023.1>:314 unmaintained/2023.1>:438
#: unmaintained/2023.1>:487 unmaintained/2023.1>:525 unmaintained/2023.1>:554
#: unmaintained/2023.1>:587 unmaintained/wallaby>:85 unmaintained/wallaby>:103
#: unmaintained/wallaby>:123 unmaintained/wallaby>:212
#: unmaintained/wallaby>:240 unmaintained/wallaby>:364
#: unmaintained/wallaby>:413 unmaintained/wallaby>:451
#: unmaintained/wallaby>:480 unmaintained/wallaby>:513 unmaintained/yoga>:125
#: unmaintained/yoga>:143 unmaintained/yoga>:163 unmaintained/yoga>:252
#: unmaintained/yoga>:280 unmaintained/yoga>:404 unmaintained/yoga>:453
#: unmaintained/yoga>:491 unmaintained/yoga>:520 unmaintained/yoga>:553
#: unmaintained/zed>:10
msgid "New Features"
msgstr ""

#: ../../<reno.sphinxext branch>:10 current stable/rocky>:125 stable/ussuri>:67
#: unmaintained/2023.1>:141 unmaintained/2023.1>:339 unmaintained/wallaby>:67
#: unmaintained/wallaby>:265 unmaintained/yoga>:107 unmaintained/yoga>:305
msgid "Other Notes"
msgstr ""

#: ../../<reno.sphinxext origin/stable/newton>:10 origin/stable/ocata>:10
#: stable/ussuri>:10 unmaintained/2023.1>:84 unmaintained/2023.1>:428
#: unmaintained/2023.1>:477 unmaintained/victoria>:10 unmaintained/wallaby>:10
#: unmaintained/wallaby>:354 unmaintained/wallaby>:403 unmaintained/yoga>:50
#: unmaintained/yoga>:394 unmaintained/yoga>:443
msgid "Prelude"
msgstr ""

#: ../../<reno.sphinxext stable/ussuri>:41 unmaintained/2023.1>:115
#: unmaintained/wallaby>:41 unmaintained/yoga>:81
msgid ""
"Python 2.7 support has been dropped. Last release of keystonemiddleware to "
"support python 2.7 is OpenStack Train. The minimum version of Python now "
"supported is Python 3.6."
msgstr ""

#: ../../<reno.sphinxext unmaintained/2023.1>:32
msgid ""
"Python 3.6 & 3.7 support has been dropped. The minimum version of Python now "
"supported is Python 3.8."
msgstr ""

#: ../../<reno.sphinxext stable/2025.1>:33
msgid ""
"Python 3.8 support was dropped. The minimum version of Python now supported "
"is Python 3.9."
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:53 unmaintained/2023.1>:597
#: unmaintained/wallaby>:523 unmaintained/yoga>:563
msgid "Security Issues"
msgstr ""

#: ../../<reno.sphinxext origin/stable/ocata>:28 unmaintained/2023.1>:446
#: unmaintained/wallaby>:372 unmaintained/yoga>:412
msgid ""
"Service tokens are compared against a list of possible roles for validity. "
"This will ensure that only services are submitting tokens as an ``X-Service-"
"Token``. For backwards compatibility, if ``service_token_roles_required`` is "
"not set, a warning will be emitted. To enforce the check properly, set "
"``service_token_roles_required`` to ``True``. It currently defaults to "
"``False``"
msgstr ""

#: ../../<reno.sphinxext origin/stable/ocata>:38 unmaintained/2023.1>:456
#: unmaintained/wallaby>:382 unmaintained/yoga>:422
msgid ""
"Set the ``service_token_roles`` to a list of roles that services may have. "
"The likely list is ``service`` or ``admin``. Any ``service_token_roles`` may "
"apply to accept the service token. Ensure service users have one of these "
"roles so interservice communication continues to work correctly. When "
"verified, set the ``service_token_roles_required`` flag to ``True`` to "
"enforce this behaviour. This will become the default setting in future "
"releases."
msgstr ""

#: ../../<reno.sphinxext stable/ussuri>:14 unmaintained/2023.1>:88
#: unmaintained/victoria>:14 unmaintained/wallaby>:14 unmaintained/yoga>:54
msgid ""
"Since the removal of the Identity API v2 Keystone no longer has any special "
"functionality that requires using the admin endpoint for it. So this release "
"changes the default endpoint being used from ``admin`` to ``internal``, "
"allowing deployments to work without an admin endpoint."
msgstr ""

#: ../../<reno.sphinxext stable/rocky>:129 unmaintained/2023.1>:343
#: unmaintained/wallaby>:269 unmaintained/yoga>:309
msgid ""
"The ``kwargs_to_fetch_token`` setting was removed from the "
"``BaseAuthProtocol`` class. Implementations of auth_token now assume kwargs "
"will be passed to the ``fetch_token`` method."
msgstr ""

#: ../../<reno.sphinxext origin/stable/newton>:76 unmaintained/2023.1>:543
#: unmaintained/wallaby>:469 unmaintained/yoga>:509
msgid ""
"The auth_host, auth_port, and auth_protocol configuration options to the "
"s3token middleware are now deprecated."
msgstr ""

#: ../../<reno.sphinxext stable/queens>:81 unmaintained/2023.1>:379
#: unmaintained/wallaby>:305 unmaintained/yoga>:345
msgid ""
"The auth_uri parameter of keystone_authtoken is deprecated in favor of "
"www_authenticate_uri. The auth_uri option was often confused with the "
"auth_url parameter of the keystoneauth plugin, which was also effectively "
"always required. The parameter refers to the WWW-Authenticate header that is "
"returned when the user needs to be redirected to the Identity service for "
"authentication."
msgstr ""

#: ../../<reno.sphinxext stable/rocky>:14 stable/stein>:14
msgid ""
"The lower constraint for python-memcached must be raised to version 1.58 in "
"order to work with Python 3.4 and above."
msgstr ""

#: ../../<reno.sphinxext origin/stable/ocata>:34 stable/2025.1>:29
#: stable/pike>:43 stable/rocky>:10 stable/stein>:10 stable/ussuri>:20
#: stable/ussuri>:37 stable/ussuri>:54 unmaintained/2023.1>:28
#: unmaintained/2023.1>:44 unmaintained/2023.1>:94 unmaintained/2023.1>:111
#: unmaintained/2023.1>:128 unmaintained/2023.1>:207 unmaintained/2023.1>:395
#: unmaintained/2023.1>:452 unmaintained/victoria>:20 unmaintained/wallaby>:20
#: unmaintained/wallaby>:37 unmaintained/wallaby>:54 unmaintained/wallaby>:133
#: unmaintained/wallaby>:321 unmaintained/wallaby>:378 unmaintained/xena>:10
#: unmaintained/yoga>:10 unmaintained/yoga>:60 unmaintained/yoga>:77
#: unmaintained/yoga>:94 unmaintained/yoga>:173 unmaintained/yoga>:361
#: unmaintained/yoga>:418
msgid "Upgrade Notes"
msgstr ""

#: ../../<reno.sphinxext unmaintained/2023.1>:66 unmaintained/xena>:32
#: unmaintained/yoga>:32
msgid ""
"We no longer recommend using the eventlet unsafe keystonemiddleware's "
"memcacheclientpool. This implementation may result in growing connections to "
"memcached."
msgstr ""

#: ../../<reno.sphinxext stable/stein>:88 unmaintained/2023.1>:270
#: unmaintained/wallaby>:196 unmaintained/yoga>:236
msgid ""
"When ``delay_auth_decision`` is enabled and a Keystone failure prevents a "
"final decision about whether a token is valid or invalid, it will be marked "
"invalid and the application will be responsible for a final auth decision. "
"This is similar to what happens when a token is confirmed *not* valid. This "
"allows a Keystone outage to only affect Keystone users in a multi-auth "
"system."
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:29 unmaintained/2023.1>:573
#: unmaintained/wallaby>:499 unmaintained/yoga>:539
msgid ""
"With the release of 4.2.0 of keystonemiddleware we no longer recommend using "
"the in-process token cache. In-process caching may result in inconsistent "
"validation, poor UX and race conditions. It is recommended that the "
"`memcached_servers` option is set in the `keystone_authtoken` configuration "
"section of the various services (e.g. nova, glance, ...) with the endpoint "
"of running memcached server(s). When the feature is removed, not setting the "
"`memcached_servers` option will cause keystone to validate tokens more "
"frequently, increasing load. In production, use of caching is highly "
"recommended. This feature is deprecated as of 4.2.0 and is targeted for "
"removal in keystonemiddleware 5.0.0 or in the `O` development cycle, "
"whichever is later."
msgstr ""

#: ../../<reno.sphinxext stable/2024.1>:14
msgid ""
"[`blueprint enhance-oauth2-interoperability <https://blueprints.launchpad."
"net/keystone/+spec/enhance-oauth2-interoperability>`_] Added the ability to "
"authenticate using a system-scoped token and the ability to authenticate "
"using a cached token to the external_oauth2_token filter."
msgstr ""

#: ../../<reno.sphinxext stable/2024.1>:21
msgid ""
"[`blueprint enhance-oauth2-interoperability <https://blueprints.launchpad."
"net/keystone/+spec/enhance-oauth2-interoperability>`_] The "
"external_oauth2_token filter has been added for accepting or denying "
"incoming requests containing OAuth 2.0 access tokens that are obtained from "
"an external authorization server by users through their OAuth 2.0 "
"credentials."
msgstr ""

#: ../../<reno.sphinxext unmaintained/2023.1>:14 unmaintained/zed>:14
msgid ""
"[`blueprint oauth2-client-credentials-ext <https://blueprints.launchpad.net/"
"keystone/+spec/oauth2-client-credentials-ext>`_] The oauth2_token filter has "
"been added for accepting or denying incoming requests containing OAuth2.0 "
"client credentials access tokens passed via the Authorization headers as "
"bearer tokens."
msgstr ""

#: ../../<reno.sphinxext stable/2023.2>:14
msgid ""
"[`blueprint support-oauth2-mtls <https://blueprints.launchpad.net/keystone/"
"+spec/support-oauth2-mtls>`_] The oauth2_mtls_token filter has been added "
"for accepting or denying incoming requests containing OAuth 2.0 certificate-"
"bound access tokens that are obtained from keystone identity server by users "
"through their OAuth 2.0 credentials and Mutual-TLS certificates."
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:71 unmaintained/2023.1>:615
#: unmaintained/wallaby>:541 unmaintained/yoga>:581
msgid ""
"[`bug 1333951 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1333951>`_] Add support for parsing AWS v4 for ec2."
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:75 unmaintained/2023.1>:619
#: unmaintained/wallaby>:545 unmaintained/yoga>:585
msgid ""
"[`bug 1423973 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1423973>`_] Use oslo.config choices for config options."
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:47 unmaintained/2023.1>:591
#: unmaintained/wallaby>:517 unmaintained/yoga>:557
msgid ""
"[`bug 1490804 <https://bugs.launchpad.net/keystone/+bug/1490804>`_] The "
"auth_token middleware validates the token's audit IDs during offline token "
"validation if the Identity server includes audit IDs in the token revocation "
"list."
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:57 unmaintained/2023.1>:601
#: unmaintained/wallaby>:527 unmaintained/yoga>:567
msgid ""
"[`bug 1490804 <https://bugs.launchpad.net/keystone/+bug/1490804>`_] "
"[`CVE-2015-7546 <http://cve.mitre.org/cgi-bin/cvename.cgi?"
"name=CVE-2015-7546>`_] A bug is fixed where an attacker could avoid token "
"revocation when the PKI or PKIZ token provider is used. The complete "
"remediation for this vulnerability requires the corresponding fix in the "
"Identity (keystone) project."
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:67 unmaintained/2023.1>:611
#: unmaintained/wallaby>:537 unmaintained/yoga>:577
msgid ""
"[`bug 1523311 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1523311>`_] Do not list deprecated opts in sample config."
msgstr ""

#: ../../<reno.sphinxext origin/stable/mitaka>:14
msgid ""
"[`bug 1540022 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1540022>`_] The auth_token middleware will now accept a conf setting "
"named ``oslo_config_config``. If this is set its value must be an existing "
"oslo_config `ConfigOpts`. ``olso_config_config`` takes precedence over "
"``oslo_config_project``. This feature is useful to applications that are "
"instantiating the auth_token middleware themselves and wish to use an "
"existing configuration."
msgstr ""

#: ../../<reno.sphinxext unmaintained/2023.1>:558 unmaintained/wallaby>:484
#: unmaintained/yoga>:524
msgid ""
"[`bug 1540022 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1540022>`_] The auth_token middleware will now accept a conf setting "
"named ``oslo_config_config``. If this is set its value must be an existing "
"oslo_config `ConfigOpts`. ``oslo_config_config`` takes precedence over "
"``oslo_config_project``. This feature is useful to applications that are "
"instantiating the auth_token middleware themselves and wish to use an "
"existing configuration."
msgstr ""

#: ../../<reno.sphinxext origin/stable/newton>:29 unmaintained/2023.1>:496
#: unmaintained/wallaby>:422 unmaintained/yoga>:462
msgid ""
"[`bug 1540115 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1540115>`_] Optional dependencies can now be installed using `extras`. "
"To install audit related libraries, use ``pip install "
"keystonemiddleware[audit_nofications]``. Refer to keystonemiddleware "
"documentation for further information."
msgstr ""

#: ../../<reno.sphinxext origin/stable/newton>:62 unmaintained/2023.1>:529
#: unmaintained/wallaby>:455 unmaintained/yoga>:495
msgid ""
"[`bug 1544840 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1544840>`_] Adding audit middleware specific notification related "
"configuration to allow a different notification driver and transport for "
"audit if needed."
msgstr ""

#: ../../<reno.sphinxext origin/stable/newton>:24 unmaintained/2023.1>:491
#: unmaintained/wallaby>:417 unmaintained/yoga>:457
msgid ""
"[`bug 1583690 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1583690>`_] For services such as Swift, which may not be utilizing "
"oslo_config, we need to be able to determine the project name from local "
"config. If project name is specified in both local config and oslo_config, "
"the one in local config will be used instead. In case project is "
"undetermined (i.e. not set), we use taxonomy.UNKNOWN as an indicator so "
"operators can take corrective actions."
msgstr ""

#: ../../<reno.sphinxext origin/stable/newton>:43 unmaintained/2023.1>:510
#: unmaintained/wallaby>:436 unmaintained/yoga>:476
msgid ""
"[`bug 1583699 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1583699>`_] Some service APIs (such as Swift list public containers) do "
"not require a token. Therefore, there will be no identity or service catalog "
"information available. In these cases, audit now fills in the default (i.e. "
"taxonomy.UNKNOWN) for both initiator and target instead of raising an "
"exception."
msgstr ""

#: ../../<reno.sphinxext origin/stable/newton>:47 unmaintained/2023.1>:514
#: unmaintained/wallaby>:440 unmaintained/yoga>:480
msgid ""
"[`bug 1583702 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1583702>`_] Some services such as Swift does not use Oslo (global) "
"config. In that case, the options are conveyed via local config. This patch "
"utilized an established pattern in auth_token middleware, which is to first "
"look for the given option in local config, then Oslo global config."
msgstr ""

#: ../../<reno.sphinxext unmaintained/2023.1>:211 unmaintained/wallaby>:137
#: unmaintained/yoga>:177
msgid ""
"[`bug 1649735 <https://bugs.launchpad.net/keystone/+bug/1649735>`_] "
"Keystonemiddleware no longer supports PKI/PKIZ tokens, all associated "
"offline validation has been removed. The configuration options "
"`signing_dir`, and `hash_algorithms` have been removed, if they still exist "
"in your configuration(s), they are now safe to remove. Please consider "
"utilizing the newer fernet or JWS token formats."
msgstr ""

#: ../../<reno.sphinxext stable/stein>:40
msgid ""
"[`bug 1649735 <https://bugs.launchpad.net/keystone/+bug/1649735>`_] The "
"auth_token middleware no longer attempts to retrieve the revocation list "
"from the Keystone server. The deprecated options "
"`check_revocations_for_cached` and `check_revocations_for_cached` have been "
"removed."
msgstr ""

#: ../../<reno.sphinxext unmaintained/2023.1>:221 unmaintained/wallaby>:147
#: unmaintained/yoga>:187
msgid ""
"[`bug 1649735 <https://bugs.launchpad.net/keystone/+bug/1649735>`_] The "
"auth_token middleware no longer attempts to retrieve the revocation list "
"from the Keystone server. The deprecated options `revocations_cache_time` "
"and `check_revocations_for_cached` have been removed. Keystone no longer "
"issues PKI/PKIZ tokens and now keystonemiddleware's Support for PKI/PKIZ and "
"associated offline validation has been removed. This includes the deprecated "
"config options `signing_dir`, and `hash_algorithms`."
msgstr ""

#: ../../<reno.sphinxext stable/pike>:63 unmaintained/2023.1>:415
#: unmaintained/wallaby>:341 unmaintained/yoga>:381
msgid ""
"[`bug 1677308 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1677308>`_] Removes ``pycrypto`` dependency as the library is "
"unmaintained, and replaces it with the ``cryptography`` library."
msgstr ""

#: ../../<reno.sphinxext stable/pike>:47 unmaintained/2023.1>:399
#: unmaintained/wallaby>:325 unmaintained/yoga>:365
msgid ""
"[`bug 1677308 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1677308>`_] There is no upgrade impact when switching from ``pycrypto`` "
"to ``cryptography``.  All data will be encrypted and decrypted using "
"identical blocksize, padding, algorithm (AES) and mode (CBC). Data "
"previously encrypted using ``pycrypto`` can be decrypted using both "
"``pycrypto`` and ``cryptography``.  The same is true of data encrypted using "
"``cryptography``."
msgstr ""

#: ../../<reno.sphinxext stable/pike>:32 stable/queens>:32 stable/rocky>:104
#: unmaintained/2023.1>:318 unmaintained/wallaby>:244 unmaintained/yoga>:284
msgid ""
"[`bug 1695038 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1695038>`_] The use_oslo_messaging configuration option is added for "
"services such as Swift, which need the audit middleware to use the local "
"logger instead of the oslo.messaging notifier regardless of whether the oslo."
"messaging package is present or not. Leave this option set to its default "
"True value to keep the previous behavior unchanged - the audit middleware "
"will use the oslo.messaging notifier if the oslo.messaging package is "
"present, and the local logger otherwise. Services that rely on the local "
"logger for audit notifications must set this option to False."
msgstr ""

#: ../../<reno.sphinxext stable/queens>:60 unmaintained/2023.1>:358
#: unmaintained/wallaby>:284 unmaintained/yoga>:324
msgid ""
"[`bug 1737115 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1737115>`_] Last release have accidentaly make python-memcached a hard "
"dependency, this have changed back to an optional one."
msgstr ""

#: ../../<reno.sphinxext stable/queens>:66 unmaintained/2023.1>:364
#: unmaintained/wallaby>:290 unmaintained/yoga>:330
msgid ""
"[`bug 1737119 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1737119>`_] If the application was not using the global cfg.CONF "
"object, the configuration was not read from the configuration file. This "
"have been fixed."
msgstr ""

#: ../../<reno.sphinxext stable/rocky>:76 unmaintained/2023.1>:290
#: unmaintained/wallaby>:216 unmaintained/yoga>:256
msgid ""
"[`bug 1762362 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1762362>`_] The value of the header \"WWW-Authenticate\" in a 401 "
"(Unauthorized) response now is double quoted to follow the RFC requirement."
msgstr ""

#: ../../<reno.sphinxext stable/rocky>:86 unmaintained/2023.1>:300
#: unmaintained/wallaby>:226 unmaintained/yoga>:266
msgid ""
"[`bug 1766731 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1766731>`_] Keystonemiddleware now supports system scoped tokens. When "
"a system-scoped token is parsed by auth_token middleware, it will set the "
"``OpenStack-System-Scope`` header accordingly."
msgstr ""

#: ../../<reno.sphinxext stable/rocky>:61
msgid ""
"[`bug 1782404 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1782404>`_] Keystonemiddleware incorrectly implemented an abstraction "
"for the memcache client pool that utilized a `queue.Queue` `get` method "
"instead of the supplied `acquire()` context manager. The `acquire()` context "
"manager properly places the client connection back into the pool after "
"`__exit__`."
msgstr ""

#: ../../<reno.sphinxext stable/stein>:84 unmaintained/2023.1>:266
#: unmaintained/wallaby>:192 unmaintained/yoga>:232
msgid ""
"[`bug 1789351 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1789351>`_] Fixed the bug that when initialize `AuthProtocol`, it'll "
"raise \"dictionary changed size during iteration\" error if the input `CONF` "
"object contains deprecated options."
msgstr ""

#: ../../<reno.sphinxext stable/stein>:67 unmaintained/2023.1>:249
#: unmaintained/wallaby>:175 unmaintained/yoga>:215
msgid ""
"[`bug 1797584 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1797584>`_] Fixed a bug where the audit code would select the wrong "
"target service if the OpenStack service endpoints were not using unique TCP "
"ports."
msgstr ""

#: ../../<reno.sphinxext stable/queens>:42 stable/rocky>:43 stable/stein>:44
#: unmaintained/2023.1>:226 unmaintained/wallaby>:152 unmaintained/yoga>:192
msgid ""
"[`bug 1800017 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1800017>`_] Fix audit middleware service catalog parsing for the "
"scenario where a service does not contain any endpoints. In that case, we "
"should just skip over that service."
msgstr ""

#: ../../<reno.sphinxext stable/stein>:30 unmaintained/2023.1>:201
#: unmaintained/wallaby>:127 unmaintained/yoga>:167
msgid ""
"[`bug 1803940 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1803940>`_] Request ID and global request ID have been added to CADF "
"notifications."
msgstr ""

#: ../../<reno.sphinxext stable/pike>:14 stable/queens>:14 stable/rocky>:25
#: stable/stein>:51 unmaintained/2023.1>:233 unmaintained/wallaby>:159
#: unmaintained/yoga>:199
msgid ""
"[`bug 1809101 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1809101>`_] Fix req.context of Keystone audit middleware and Glance "
"conflict with each other issue. The audit middleware now stores the admin "
"context to req.environ['audit.context']."
msgstr ""

#: ../../<reno.sphinxext stable/stein>:58 unmaintained/2023.1>:240
#: unmaintained/wallaby>:166 unmaintained/yoga>:206
msgid ""
"[`bug 1813739 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1813739>`_] When admin identity endpoint is not created yet, "
"keystonemiddleware emit EndpointNotFound exception. Even after admin "
"identity endpoint created, auth_token middleware could not be notified of "
"update since it does not invalidate existing auth. Add an invalidation step "
"so that endpoint updates can be detected."
msgstr ""

#: ../../<reno.sphinxext stable/train>:32 unmaintained/2023.1>:181
#: unmaintained/wallaby>:107 unmaintained/yoga>:147
msgid ""
"[`bug 1830002 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1830002>`_] In order to allow an installation to work without deploying "
"an admin Identity endpoint, a new option `interface` has been added, "
"allowing select the Identity endpoint that is being used when verifying auth "
"tokens. It defaults to `admin` in order to replicate the old behaviour, but "
"may be set to `public` or `internal` as needed."
msgstr ""

#: ../../<reno.sphinxext stable/ussuri>:24 unmaintained/2023.1>:98
#: unmaintained/victoria>:24 unmaintained/wallaby>:24 unmaintained/yoga>:64
msgid ""
"[`bug 1830002 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1830002>`_] The default Identity endpoint has been changed from "
"``admin`` to ``internal``."
msgstr ""

#: ../../<reno.sphinxext stable/ussuri>:71 unmaintained/2023.1>:145
#: unmaintained/wallaby>:71 unmaintained/yoga>:111
msgid ""
"[`bug 1845539 <https://bugs.launchpad.net/keystone/+bug/1845539>`_] The ec2 "
"'url' config option now defaults to https://localhost:5000/v3/ec2tokens with "
"the removal of ec2 v2.0 support. Keystonemiddleware no longer supports "
"ec2tokens using the v2.0 API."
msgstr ""

#: ../../<reno.sphinxext stable/ussuri>:58 unmaintained/2023.1>:132
#: unmaintained/wallaby>:58 unmaintained/yoga>:98
msgid ""
"[`bug 1845539 <https://bugs.launchpad.net/keystone/+bug/1845539>`_] [`bug "
"1777177 <https://bugs.launchpad.net/keystone/+bug/1777177>`_] "
"keystonemiddleware no longer supports the keystone v2.0 api, all associated "
"functionality has been removed."
msgstr ""

#: ../../<reno.sphinxext unmaintained/2023.1>:48 unmaintained/xena>:14
#: unmaintained/yoga>:14
msgid ""
"[`bug 1892852 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1892852>`_] [`bug 1888394 <https://bugs.launchpad.net/oslo.cache/"
"+bug/1888394>`_] [`bug 1883659 <https://bugs.launchpad.net/"
"keystonemiddleware/+bug/1883659>`_] Keystonemiddleware now using eventlet-"
"safe implementation of ``MemcacheClientPool`` from oslo.cache's library by "
"default. The ``keystonemiddleware`` implementation is now deprecated. For "
"backwards compatibility, the ``[keystone_authtoken] "
"memcache_use_advanced_pool`` option can be set to ``False`` config files of "
"the various services (e.g. nova, glance, ...) when memcached is used for "
"token cache."
msgstr ""

#: ../../<reno.sphinxext stable/rocky>:114 unmaintained/2023.1>:328
#: unmaintained/wallaby>:254 unmaintained/yoga>:294
msgid ""
"[`bug/1747655 <https://bugs.launchpad.net/keystonemiddleware/"
"+bug/1747655>`_] When keystone is temporarily unavailable, "
"keystonemiddleware correctly sends a 503 response to the HTTP client but was "
"not identifying which service was down, leading to confusion on whether it "
"was keystone or the service using keystonemiddleware that was unavailable. "
"This change identifies keystone in the error response."
msgstr ""

#: ../../<reno.sphinxext stable/train>:14 unmaintained/2023.1>:163
#: unmaintained/wallaby>:89 unmaintained/yoga>:129
msgid ""
"[`spec <http://specs.openstack.org/openstack/keystone-specs/specs/keystone/"
"train/capabilities-app-creds.html>`_] The auth_token middleware now has "
"support for accepting or denying incoming requests based on access rules "
"provided by users in their keystone application credentials."
msgstr ""

#: ../../<reno.sphinxext branch>:14 current
msgid ""
"python-memcached has been replaced by pymemcache to support TLS and MTLS."
msgstr ""

#: ../source/2023.1.rst:3
msgid "2023.1 Series Release Notes"
msgstr ""

#: ../source/2023.2.rst:3
msgid "2023.2 Series Release Notes"
msgstr ""

#: ../source/2024.1.rst:3
msgid "2024.1 Series Release Notes"
msgstr ""

#: ../source/2024.2.rst:3
msgid "2024.2 Series Release Notes"
msgstr ""

#: ../source/2025.1.rst:3
msgid "2025.1 Series Release Notes"
msgstr ""

#: ../source/index.rst:3
msgid "keystonemiddleware Release Notes"
msgstr ""

#: ../source/mitaka.rst:3
msgid "Mitaka Series Release Notes"
msgstr ""

#: ../source/newton.rst:3
msgid "Newton Series Release Notes"
msgstr ""

#: ../source/ocata.rst:3
msgid "Ocata Series Release Notes"
msgstr ""

#: ../source/pike.rst:3
msgid "Pike Series Release Notes"
msgstr ""

#: ../source/queens.rst:3
msgid "Queens Series Release Notes"
msgstr ""

#: ../source/rocky.rst:3
msgid "Rocky Series Release Notes"
msgstr ""

#: ../source/stein.rst:3
msgid "Stein Series Release Notes"
msgstr ""

#: ../source/train.rst:3
msgid "Train Series Release Notes"
msgstr ""

#: ../source/unreleased.rst:3
msgid "Current Series Release Notes"
msgstr ""

#: ../source/ussuri.rst:3
msgid "Ussuri Series Release Notes"
msgstr ""

#: ../source/victoria.rst:3
msgid "Victoria Series Release Notes"
msgstr ""

#: ../source/wallaby.rst:3
msgid "Wallaby Series Release Notes"
msgstr ""

#: ../source/xena.rst:3
msgid "Xena Series Release Notes"
msgstr ""

#: ../source/yoga.rst:3
msgid "Yoga Series Release Notes"
msgstr ""

#: ../source/zed.rst:3
msgid "Zed Series Release Notes"
msgstr ""