diff options
author | Jamie Lennox <jlennox@redhat.com> | 2013-05-03 14:04:09 +1000 |
---|---|---|
committer | Jamie Lennox <jlennox@redhat.com> | 2013-05-21 10:14:12 +1000 |
commit | ff76a1b5cd3308cfb0ce936800364e27413ed946 (patch) | |
tree | 537b430171ca5405eed0ba7b0e2f7ce98ab15315 /doc | |
parent | 8d2b8e6457d5ae0ed1136091cb8c143a96abd614 (diff) | |
download | keystone-ff76a1b5cd3308cfb0ce936800364e27413ed946.tar.gz keystone-ff76a1b5cd3308cfb0ce936800364e27413ed946.tar.xz keystone-ff76a1b5cd3308cfb0ce936800364e27413ed946.zip |
Implement Token Flush via keystone-manage.
Creates a cli entry 'token_flush' which removes all expired tokens.
Fixes: bug 1032633
Implements: blueprint keystone-manage-token-flush
Change-Id: I47eab99b577ff9e9ee74fee08e18fd07c4af5aad
Diffstat (limited to 'doc')
-rw-r--r-- | doc/source/configuration.rst | 13 | ||||
-rw-r--r-- | doc/source/man/keystone-manage.rst | 1 |
2 files changed, 14 insertions, 0 deletions
diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst index 4b09f2c4..8990d156 100644 --- a/doc/source/configuration.rst +++ b/doc/source/configuration.rst @@ -975,6 +975,19 @@ example:: $ keystone service-delete 08741d8ed88242ca88d1f61484a0fe3b + +Removing Expired Tokens +=========================================================== + +In the SQL and KVS token stores expired tokens are not automatically +removed. These tokens can be removed with:: + + $ keystone-manage token_flush + +The memcache backend automatically discards expired tokens and so flushing +is unnecessary and if attempted will fail with a NotImplemented error. + + Configuring the LDAP Identity Provider =========================================================== diff --git a/doc/source/man/keystone-manage.rst b/doc/source/man/keystone-manage.rst index b7c2131c..84a3ec9f 100644 --- a/doc/source/man/keystone-manage.rst +++ b/doc/source/man/keystone-manage.rst @@ -49,6 +49,7 @@ Available commands: * ``import_nova_auth``: Import a dump of nova auth data into keystone. * ``pki_setup``: Initialize the certificates used to sign tokens. * ``ssl_setup``: Generate certificates for SSL. +* ``token_flush``: Purge expired tokens. OPTIONS |