[Openstack-operators] Swift with Keystone (Folsom). Should the following be solvable?: Dispersion-reports, PKI, Anonymous access
Oisin Feeley
oisin.feeley at gmail.com
Tue Dec 11 18:35:33 UTC 2012
On Tue, Dec 11, 2012 at 11:32 AM, Oisin Feeley <oisin.feeley at gmail.com> wrote:
>
> We're trying to deploy Swift using Keystone exclusively for all identity management tasks.
> We're stuck on a couple of areas and would really appreciate confirmation that others have
> already succeeded and we should try harder, or that these areas are terrae incognitae.
> We're using the Ubuntu Cloud Archive PPA (swift-1.7.4-0ubuntu2~cloud0,
> keystone-2012.2~0ubuntu1~cloud0).
>
>
> 2. PKI Keystone
> =============
>
> Reading some reports[2] suggest that this should be possible and would reduce the number of calls made to the endpoint, can anyone confirm they've got this working?
To be a bit more specific here, how apart from "keystone token-get"
can we confirm that both the user initial authentication and all the
subsequent delegated authentication steps are actually using the
certificate?
We can see the very long PKI token for the first step, but it's not
clear how to verify that this mechanism is being used for the
subsequent steps. Wireshark?
Best wishes,
Oisin
More information about the OpenStack-operators
mailing list