[openstack-dev] Keystone auth_token middleware

Doug Hellmann doug.hellmann at dreamhost.com
Mon Sep 24 10:27:02 UTC 2012

On Mon, Sep 24, 2012 at 6:13 AM, Alan Pevec <apevec at gmail.com> wrote:

> On Mon, Sep 24, 2012 at 10:45 AM, Thierry Carrez <thierry at openstack.org>
> wrote:
> > Brian Waldon wrote:
> >> The auth_token middleware shouldn't live in the Keystone source tree.
> It is not intended to be used alongside any of the Keystone code as it gets
> pulled in to every service *but* Keystone. It is super frustrating to have
> to install all of Keystone just to get this one piece of code. As this
> middleware is just a client, I am proposing we move it into the existing
> keystone client library - python-keystoneclient. What are the immediate
> feelings here?
> >
> > Distributions can solve this by creating multiple binary packages from
> > the same source package,
> I did that in Fedora for Essex, but it broke post folsom-2 due to new
> intra-keystone dependencies in auth-token middleware:
> https://bugzilla.redhat.com/show_bug.cgi?id=844508
> There's also an issue with python subpackages sharing python namespace
> - who owns overlapping __init__.py ?

One common way to solve that is by using a namespace package at the top


> Best would be if auth-token is moved out of keystone.middleware, there
> are stuff imported[1] not required by auth-token.
> Alan
> [1]
> https://github.com/openstack/keystone/blob/master/keystone/middleware/__init__.py#L17
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20120924/632fb17d/attachment.html>

More information about the OpenStack-dev mailing list