On Thu, Mar 03, 2011 at 01:23:07PM -0800, Michael Mayo wrote:
We're also getting something else
with a token server though: service discovery (via service URL headers
returned with token). This can be important for auto-configuring apps
since you can simply enter a auth URL and the app will find out which
services to expose and what the URLs for each service are.
This is true. An endpoint list is certainly necessary, but it would be great if I only needed to call that one time instead of every time an auth token expires.
You would probably want to refresh the service list somewhat regularly
though, so perhaps we can time the refresh rate with the expiration
time for the token. :)
Yeah that works fine for the mobile clients I'm building, since their purpose is to expose a nice UI for every possible OpenStack service available, but for someone who wants to use a single service (swift only, for example), there would be no use for ever needing to get a service list, except via curl one time during development to get the swift endpoint. In that person's case, a separate auth request is wasteful compared to using HTTP Basic or request signing.
