<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    This sounds like something that was discussed during the PTG. The
    oslo team was exploring ways to implement this, which would be
    consumable to keystonemiddleware as a library [0].<br>
    <br>
    [0] <a class="moz-txt-link-freetext" href="https://etherpad.openstack.org/p/oslo-ptg-queens">https://etherpad.openstack.org/p/oslo-ptg-queens</a><br>
    <br>
    <div class="moz-cite-prefix">On 10/11/2017 07:43 AM, pnkk wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:CADx=H4YzThNskEMUjjHFdG1PP0ocTD_JAYmrafr-ZDcC_UgdFA@mail.gmail.com">
      <div dir="ltr">Hi,
        <div><br>
        </div>
        <div>We have our API server(based on pyramid) integrated with
          keystone for AuthN/AuthZ.</div>
        <div>So our service has a *.conf file which has
          [keystone_authtoken] section that defines all the stuff needed
          for registering to keystone.</div>
        <div><br>
        </div>
        <div>WSGI pipeline will first get filtered with keystone auth
          token and then get into our application functionality.</div>
        <div><br>
        </div>
        <div>Now as part of hardening, we want to save an encrypted
          password(admin password) in the conf file.</div>
        <div>Where should I put the decryption logic so it gets passed
          to the middleware in the needed format?</div>
        <div><br>
        </div>
        <div>Appreciate your help!</div>
        <div><br>
        </div>
        <div>Thanks,</div>
        <div>Kanthi</div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: <a class="moz-txt-link-abbreviated" href="mailto:OpenStack-dev-request@lists.openstack.org?subject:unsubscribe">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a>
<a class="moz-txt-link-freetext" href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>