[openstack-dev] improving the keystone middleware cache

Adam Young ayoung at redhat.com
Thu Sep 27 15:54:26 UTC 2012


On 08/15/2012 09:36 AM, Michael Basnight wrote:
> On Aug 15, 2012, at 7:22 AM, Chmouel Boudjnah wrote:
>
>> On Tue, Aug 14, 2012 at 9:14 PM, Michael Basnight <mbasnight at gmail.com> wrote:
>>> Maybe this begs the question, why isint the middleware its own library… At that point it could use the common stuff a bit easier. Are we still doing the copy job for openstack-common?
>> I definitely would +1 this if we can get the auth token middleware in
>> its own project easy to pip install and it easy to add dependencies
>> (be it external or via openstack-common or others) into it. Probably
>> not in a Folsom timeframe tho.
> I think folsom timeframe is completely come and gone on this puppy. This is definitely grizzly :) Ill start hacking away at it.
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Sorry to be a late chimer:  I'd be cautious of Token caching, as it 
bypasses the revocation mechanisms.  Caching timeouts  should be kept short.

memcache as implemented in the auth_token middleware is different from 
the memcache backend for tokens.I thimk that using memcache as the token 
cachuing mechanism for auth_tokens is actually preferable to us building 
a custome solution here.  Is there some reason that memcache is not 
sufficient?



More information about the OpenStack-dev mailing list