diff options
| author | Guang Yee <guang.yee@hp.com> | 2013-06-20 10:06:17 -0700 |
|---|---|---|
| committer | Guang Yee <guang.yee@hp.com> | 2013-07-12 13:34:22 -0700 |
| commit | c238ace30981877e5991874c5b193ea7d5107419 (patch) | |
| tree | 8e74ad5b2c05d2295d6c78c005cc97b26270e153 /etc | |
| parent | 24a6f41405299e4c7c9e2d80969311b1c9b6fb5a (diff) | |
| download | keystone-c238ace30981877e5991874c5b193ea7d5107419.tar.gz keystone-c238ace30981877e5991874c5b193ea7d5107419.tar.xz keystone-c238ace30981877e5991874c5b193ea7d5107419.zip | |
Implements Pluggable V3 Token Provider
Abstract V3 token provider backend to make token provider pluggable. It enables
deployers to customize token management to add their own capabilities.
Token provider is responsible for issuing, checking, validating, and
revoking tokens. Note the distinction between token 'driver' and 'provider'.
Token 'driver' simply provides token persistence. It does not issue or
interpret tokens.
Token provider is specified by the 'provider' property in the '[token]'
section of the Keystone configuration file.
Partially implemented blueprint pluggable-token-format.
This patch also fixes bug 1186061.
Change-Id: I755fb850765ea99e5237626a2e645e6ceb42a9d3
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/keystone.conf.sample | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/keystone.conf.sample b/etc/keystone.conf.sample index 3f4f1637..7ab9acdc 100644 --- a/etc/keystone.conf.sample +++ b/etc/keystone.conf.sample @@ -119,8 +119,12 @@ # template_file = default_catalog.templates [token] +# Provides token persistence. # driver = keystone.token.backends.sql.Token +# Controls the token construction, validation, and revocation operations. +# provider = keystone.token.providers.pki.Provider + # Amount of time a token should remain valid (in seconds) # expiration = 86400 |