[openstack-dev] [openstack-common] Add auth_token.py from keystone middleware to openstack-common

Joseph Heck heckj at mac.com
Sat Aug 18 20:04:05 UTC 2012 

Hi Yaguang,

I agree that it looks like a close fit for pushing into openstack-common, but I don't have a solid sense of what the boundary is between stuff that's somewhat common and stuff that's project specific. auth_token is in one of those grey areas - it's used by glance, quantum, nova (and keystone), but not swift - swift extended that basic setup to include some additional context and such detail specific to swift. That auth-token-middleware-for-swift code is now in the swift repository (https://github.com/openstack/swift/blob/master/swift/common/middleware/keystoneauth.py)

The other part of this is how we do updates - right now a change to Keystone (such as adding PKI support for signed tokens) means updating in a single location (keystone), where if we moved it to OpenStack common, we'd need to update it in more than one location. If it were really locked down and not changing, then I think maybe it would make sense to shift in there, but right now (especially with advancements in PKI/signed tokens) and looking forward to the V3 API set, I don't know that it makes as much sense. My intuition is telling me that it's not sufficiently unchanging and "common" enough to move into common, although getting it there is actually something of a goal.

Mark - how and where have you been drawing the line on what and when to shift code into OpenStack common?

- joe

On Aug 18, 2012, at 12:45 AM, heut2008 <heut2008 at gmail.com> wrote:
> auth_token.py is a middleware of keystone  used by
> nova-api,glance-api, and quantum to authenticate request token. now,
> we have to install
> keystone to make all openstack api services which use keystone as auth
> strategy.but is not necessary to install keystone,only auth_token.py
> is
> needed,(nova-api may alse need  ec2_token.py) ,so I suggest we put
> keystone/middleware/auth_token.py into openstack-common/middleware.
> 
> 
> 
> Yaguang
> 
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

More information about the OpenStack-dev mailing list