[openstack-dev] [all][keystonemiddleware] re-use of keystone middleware options

Morgan Fainberg morgan.fainberg at gmail.com
Sat Jul 25 14:46:20 UTC 2015


I've seen a continued re-use of the options supplied by keystone middleware in other code developed. This is where code is developed and pulls in the options from auth_token because it is convenient and they have already been defined. 

I would like to ask the community to stop leaning on these options for any code that is not defined in keystone's auth_token. This is because we will change these options from time to time and these options need to be flexible to allow middleware to handle new methods of auth without breaking code that the services behind auth_token are running. 

In essence the options from auth_token should be considered private and only used by auth_token itself. Unfortunately, making an option "hidden" would also remove it from the sample config, which would have a larger impact on operators. 

This is just a message to raise awareness that the keystonemiddleware options shouldn't be  used by code outside of keystonemiddleware.

Thanks!
--Morgan

Sent via mobile


More information about the OpenStack-dev mailing list