[Openstack] Keystone, LDAP & Token behaviour
mrhearn at gmail.com
Wed May 21 14:48:31 UTC 2014
Can you help put me straight on expected Authentication behaviour when
using an LDAP identity backend.
In the scenario where a user is granted a token (keystone token-get) should
they not be able to make repeated API calls, e.g *glance --os-auth-token
xxxxxxx image-list * until the token expires?
I ask as using *tcpdump* I am seeing AuthN traffic between keystone and
LDAP each time I execute an API call - a call that includes an unexpired
I was assuming that by using an unexpired token a user avoids having to
make an AuthN call. Is that not the case?
Am using icehouse with token format set to PKI , caching enabled (memcached
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openstack