openstack team mailing list archive

Thread
Date

Re: Keystone auth_token confusion in Swift vs Glance; Persistent tokens or not ?

To: Florian Daniel Otel <florian.otel@xxxxxxxxx>
From: Chmouel Boudjnah <chmouel@xxxxxxxxxxx>
Date: Tue, 20 Mar 2012 17:12:08 +0000
Cc: openstack@xxxxxxxxxxxxxxxxxxx
In-reply-to: <CAOB=GfmgHA=y9q0q1-Li5PG51JJupGsWymSz+tYQ-pe0kKaLuw@mail.gmail.com>

On Tue, Mar 20, 2012 at 4:15 PM, Florian Daniel Otel
<florian.otel@xxxxxxxxx> wrote:
> 1) Naming inconsistencies -- "token_auth" ,  "tokenauth" (Keystone resp
> Swift) vs "authtoken"  (Glance)
[...]
> While this may be only pedantic IMHO it would help if things would be called

That's correct, I started to address it in devstack[1] and have one on
the way for updating the keystone docs[2] and the manuals.

> Now, the question is: Since we are now to stop using long-lived tokens
> hardcoded as "admin_token" in "keystone.conf", resp in the "auth_token"
> middleware sections of swift resp, glance, how is a user/pass config
> supposed to look  like  ? examples ?

This should be as simple as :

https://github.com/openstack-dev/devstack/blob/master/files/swift/proxy-server.conf#L34

Cheers,
Chmouel.

[1] https://github.com/openstack-dev/devstack/commit/bd07d61c4545c52d39b9c957ff9e4423525ca452
[2] https://review.openstack.org/5573

References

Keystone auth_token confusion in Swift vs Glance; Persistent tokens or not ?
From: Florian Daniel Otel, 2012-03-20