[Openstack] [OpenStack][Keystone]Does legacy_auth v1.0 exist in Keystone Essex ?
Rafael Durán Castañeda
rafadurancastaneda at gmail.com
Wed May 23 23:09:30 UTC 2012
El 23/05/12 17:42, Dolph Mathews escribió:
> I haven't tested it myself, but I imagine you *could* deploy
> legacy_token_auth (which rewrites from keystone stable/diablo or
> essex-3 with stable/essex or folsom; however, there are a couple of
> issues that need to be resolved first.
>
> https://github.com/openstack/keystone/blob/stable/diablo/keystone/frontends/legacy_token_auth.py
>
> First issue: legacy_token_auth imports from legacy keystone.utils;
> however, they are trivial functions and could be moved into
> legacy_token_auth with an additional import for webob.Response.
>
> Second issue: legacy_token_auth is dependent on the
> KEYSTONE_API_VERSION WSGI env var set by the urlrewritefilter
> middleware deployed in front of it. A simplified derivative of this
> middleware is included in folsom-m1
> (keystone.middleware.core.NormalizingFilter) which doesn't look at the
> Accept headers or API path prefix at all.
>
> Diablo's NormalizingFilter:
> https://github.com/openstack/keystone/blob/stable/diablo/keystone/middleware/url.py
>
> Folsom's NormalizingFilter:
> https://github.com/openstack/keystone/blob/master/keystone/middleware/core.py
>
> Of course, there's also a bit of required config:
>
> https://github.com/openstack/keystone/blob/stable/diablo/etc/keystone.conf
>
> I expect the actual request-rewriting of legacy_auth_token should work
> just fine against keystone trunk.
>
> -Dolph
>
>
> On Wed, May 23, 2012 at 10:28 AM, Nguyen, Liem Manh
> <liem_m_nguyen at hp.com <mailto:liem_m_nguyen at hp.com>> wrote:
>
> In essex-3, there used to be a "legacy_token_auth" component that
> does just this.
>
> Liem
>
> *From:*openstack-bounces+liem_m_nguyen=hp.com at lists.launchpad.net
> <mailto:hp.com at lists.launchpad.net>
> [mailto:openstack-bounces+liem_m_nguyen
> <mailto:openstack-bounces%2Bliem_m_nguyen>=hp.com at lists.launchpad.net
> <mailto:hp.com at lists.launchpad.net>] *On Behalf Of *Chmouel Boudjnah
> *Sent:* Wednesday, May 23, 2012 6:54 AM
> *To:* Christian Broussard
> *Cc:* openstack at lists.launchpad.net
> <mailto:openstack at lists.launchpad.net>
> *Subject:* Re: [Openstack] [OpenStack][Keystone]Does legacy_auth
> v1.0 exist in Keystone Essex ?
>
> On Wed, May 23, 2012 at 3:53 PM, Christian Broussard
> <christian.broussard at gmail.com
> <mailto:christian.broussard at gmail.com>> wrote:
>
> I'm interested in this topic as well. Chmouel, are you
> indicated that without a 3rd party middleware implementation,
> there is no way to handle v1.0 auth with keystone/swift?
>
> Not that I know.
>
> Chmouel.
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> <https://launchpad.net/%7Eopenstack>
> Post to : openstack at lists.launchpad.net
> <mailto:openstack at lists.launchpad.net>
> Unsubscribe : https://launchpad.net/~openstack
> <https://launchpad.net/%7Eopenstack>
> More help : https://help.launchpad.net/ListHelp
>
>
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
As far as I know old URL rewriter works fine against Essex and it
probably works with Folsom, so you should be able to easily replace the
new URL middleware by the old one.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120524/028e8f15/attachment.html>
More information about the Openstack
mailing list