diff options
| author | Dolph Mathews <dolph.mathews@gmail.com> | 2011-11-30 10:26:08 -0600 |
|---|---|---|
| committer | Ziad Sawalha <github@highbridgellc.com> | 2011-11-30 17:46:32 -0600 |
| commit | dcc59e56317701d7e457fed8d5e162dc463a8e13 (patch) | |
| tree | 785401c0bf4ea75e6d7ca24df8d57fbccf999d6b | |
| parent | 93154778c9c7ee1195b5f24a99c22b801c4ebcc9 (diff) | |
Updated docstring to match auth_token.py (bug 898211)
Change-Id: I6586f415e4bdb8bf2951363b5f3cfe894ddb49bf
| -rwxr-xr-x | keystone/middleware/quantum_auth_token.py | 52 |
1 files changed, 34 insertions, 18 deletions
diff --git a/keystone/middleware/quantum_auth_token.py b/keystone/middleware/quantum_auth_token.py index c1359329..40d79f17 100755 --- a/keystone/middleware/quantum_auth_token.py +++ b/keystone/middleware/quantum_auth_token.py @@ -21,13 +21,14 @@ TOKEN-BASED AUTH MIDDLEWARE This WSGI component performs multiple jobs: + - it verifies that incoming client requests have valid tokens by verifying - tokens with the auth service. + tokens with the auth service. - it will reject unauthenticated requests UNLESS it is in 'delay_auth_decision' - mode, which means the final decision is delegated to the downstream WSGI - component (usually the OpenStack service) + mode, which means the final decision is delegated to the downstream WSGI + component (usually the OpenStack service) - it will collect and forward identity information from a valid token - such as user name, groups, etc... + such as user name, groups, etc... Refer to: http://wiki.openstack.org/openstack-authn @@ -35,20 +36,35 @@ This WSGI component has been derived from Keystone's auth_token middleware module. It contains some specialization for Quantum. HEADERS -------- -Headers starting with HTTP_ is a standard http header -Headers starting with HTTP_X is an extended http header - -> Coming in from initial call from client or customer -HTTP_X_AUTH_TOKEN : the client token being passed in -HTTP_X_STORAGE_TOKEN: the client token being passed in (legacy Rackspace use) - to support cloud files -> Used for communication between components -www-authenticate : only used if this component is being used remotely -HTTP_AUTHORIZATION : basic auth password used to validate the connection - -> What we add to the request for use by the OpenStack service -HTTP_X_AUTHORIZATION: the client identity being passed in +======= + +Headers starting with ``HTTP_`` is a standard http header +Headers starting with ``HTTP_X`` is an extended http header + +Coming in from initial call from client or customer +--------------------------------------------------- + +HTTP_X_AUTH_TOKEN + The client token being passed in + +HTTP_X_STORAGE_TOKEN + The client token being passed in (legacy Rackspace use) to support + cloud files + +Used for communication between components +----------------------------------------- + +www-Authenticate + Only used if this component is being used remotely + +HTTP_AUTHORIZATION + Basic auth password used to validate the connection + +What we add to the request for use by the OpenStack service +----------------------------------------------------------- + +HTTP_X_AUTHORIZATION + The client identity being passed in """ |