[openstack-dev] Keystone auth_token middleware and the auth_host/auth_port configuration options
Jay Pipes
jaypipes at gmail.com
Thu Aug 1 05:43:14 UTC 2013
I have a question for the auth_token middleware developers.
The default auth_port is set to 35357, which is the admin API port for
Keystone:
https://github.com/openstack/python-keystoneclient/blob/master/keystoneclient/middleware/auth_token.py#L201
However, the token validation API call (POST /v2.0/tokens or POST
/v3/auth/tokens) uses the *service* API port, not the admin API port...
in fact, in the v3 API, there is no longer any distinction (thankfully)
between the service API and the admin API ... it's all just one API.
So, my question is this: we've been setting all of the auth_token config
options to the 5000 port -- the service API port for v2.0 Keystone. Is
this problematic? I'm having a heck of a time tracking down the source
of this bug:
https://bugs.launchpad.net/nova/+bug/1206330
And am trying to cross any possible configuration issues with the
auth_token middleware off of my list of possible causes.
Any and all insight would be most appreciated.
Best,
-jay
More information about the OpenStack-dev
mailing list