[openstack-dev] [Keystone][Mistral][Devstack] Confusion between auth_url and auth_uri in keystone middleware
mfedosin at gmail.com
Thu Jun 15 14:44:34 UTC 2017
On Thu, Jun 15, 2017 at 1:55 PM, Gyorgy Szombathelyi <
gyorgy.szombathelyi at doclerholding.com> wrote:
> Hi Mikhail,
> (I'm not from the Keystone team, but did some patches for using
> > 2. Even if auth_url is set, it can't be used later, because it is not
> registered in
> > oslo_config 
> auth_url is actually a dynamic parameter and depends on the keystone auth
> plugin used
> (auth_type=xxx). The plugin which needs this parameter, registers it.
Based on this http://paste.openstack.org/show/612664/ I would say that the
plugin doesn't register it :(
It either can be a bug, or it was done intentionally, I don't know.
> > So I would like to get an advise from keystone team and understand what I
> > should do in such cases. Official documentation doesn't add clarity on
> > matter because it recommends to use auth_uri in some cases and auth_url
> > others.
> > My suggestion is to add auth_url in the list of keystone authtoken
> > middleware config options, so that the parameter can be used by the
> Yepp, this makes some confusion, but adding auth_url will make a clash with
> most (all?) authentication plugins. auth_url can be considered as an
> option for the keystoneauth1 modules, and not used by anything else (like
> the keystonemiddleware itself). However if there would be a more elagant
> solution, I would also hear about it.
> > Best,
> > Mike
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
My final thought that we have to use both (auth_url and auth_uri) options
in mistral config, which looks ugly, but necessary.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-dev