openstack team mailing list archive

[Rafael Durán Castañeda <rafadurancastaneda@xxxxxxxxx>]

El 23/05/12 17:42, Dolph Mathews escribió:
> I haven't tested it myself, but I imagine you *could* deploy 
> legacy_token_auth (which rewrites from keystone stable/diablo or 
> essex-3 with stable/essex or folsom; however, there are a couple of 
> issues that need to be resolved first.
>
> https://github.com/openstack/keystone/blob/stable/diablo/keystone/frontends/legacy_token_auth.py
>
> First issue: legacy_token_auth imports from legacy keystone.utils; 
> however, they are trivial functions and could be moved into 
> legacy_token_auth with an additional import for webob.Response.
>
> Second issue: legacy_token_auth is dependent on the 
> KEYSTONE_API_VERSION WSGI env var set by the urlrewritefilter 
> middleware deployed in front of it. A simplified derivative of this 
> middleware is included in folsom-m1 
> (keystone.middleware.core.NormalizingFilter) which doesn't look at the 
> Accept headers or API path prefix at all.
>
>     Diablo's NormalizingFilter: 
> https://github.com/openstack/keystone/blob/stable/diablo/keystone/middleware/url.py
>
>     Folsom's NormalizingFilter: 
> https://github.com/openstack/keystone/blob/master/keystone/middleware/core.py
>
> Of course, there's also a bit of required config:
>
> https://github.com/openstack/keystone/blob/stable/diablo/etc/keystone.conf
>
> I expect the actual request-rewriting of legacy_auth_token should work 
> just fine against keystone trunk.
>
> -Dolph
>
>
> On Wed, May 23, 2012 at 10:28 AM, Nguyen, Liem Manh 
> <liem_m_nguyen@xxxxxx <mailto:liem_m_nguyen@xxxxxx>> wrote:
>
>     In essex-3, there used to be a "legacy_token_auth" component that
>     does just this.
>
>     Liem
>
>     *From:*openstack-bounces+liem_m_nguyen=hp.com@xxxxxxxxxxxxxxxxxxx
>     <mailto:hp.com@xxxxxxxxxxxxxxxxxxx>
>     [mailto:openstack-bounces+liem_m_nguyen
>     <mailto:openstack-bounces%2Bliem_m_nguyen>=hp.com@xxxxxxxxxxxxxxxxxxx
>     <mailto:hp.com@xxxxxxxxxxxxxxxxxxx>] *On Behalf Of *Chmouel Boudjnah
>     *Sent:* Wednesday, May 23, 2012 6:54 AM
>     *To:* Christian Broussard
>     *Cc:* openstack@xxxxxxxxxxxxxxxxxxx
>     <mailto:openstack@xxxxxxxxxxxxxxxxxxx>
>     *Subject:* Re: [Openstack] [OpenStack][Keystone]Does legacy_auth
>     v1.0 exist in Keystone Essex ?
>
>     On Wed, May 23, 2012 at 3:53 PM, Christian Broussard
>     <christian.broussard@xxxxxxxxx
>     <mailto:christian.broussard@xxxxxxxxx>> wrote:
>
>         I'm interested in this topic as well.  Chmouel, are you
>         indicated that without a 3rd party middleware implementation,
>         there is no way to handle v1.0 auth with keystone/swift?
>
>     Not that I know.
>
>     Chmouel.
>
>
>     _______________________________________________
>     Mailing list: https://launchpad.net/~openstack
>     <https://launchpad.net/%7Eopenstack>
>     Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>     <mailto:openstack@xxxxxxxxxxxxxxxxxxx>
>     Unsubscribe : https://launchpad.net/~openstack
>     <https://launchpad.net/%7Eopenstack>
>     More help   : https://help.launchpad.net/ListHelp
>
>
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
As far as I know old URL rewriter works fine against Essex and it 
probably works with Folsom, so you should be able to easily replace the 
new URL middleware by the old one.