[Openstack] One Time Keystone Use Tokens?

Adam Young ayoung at redhat.com
Sat Oct 26 01:06:29 UTC 2013

On 10/25/2013 04:03 PM, Ali, Haneef wrote:
> I don't think it is possible.  Can't you revoke the token after  VM boot?
Yes, but I would not recommend doing that.  You would have to modify 
every place that used tokens.  Youncould make the token timeout very 
short, but it will break on any long running tasks.

> Thanks
> Haneef
> *From:*Brian Chong [mailto:Brian_Chong at symantec.com]
> *Sent:* Friday, October 25, 2013 8:19 AM
> *To:* openstack at lists.openstack.org
> *Subject:* [Openstack] One Time Keystone Use Tokens?
> Hi,
> I'm trying to figure out if its possible to configure KeyStone tokens 
> to be one time use. My use case is that when a user requests that they 
> want to take a action on the platform (i.e.: boot a VM) they aren't 
> also using that same token to load a image in Glance or delete another 
> VM, etc.
> How would I do that or is that even possible?
> Thanks a lot!
> -Brian
> _______________________________________________
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20131025/1ff19248/attachment.html>

More information about the Openstack mailing list