Use user home dir as default for cache

This is a better and safer default, as it and minimizes the
possibility that the cache directory will be prepopulated or
unwritable, while still providing a reasonable value for the
individual developer

Creates a better exception for failure to create the cache
dir

Logs the name of the cache dir actually used.

Bug 1031022

Change-Id: Ia3718107e436ceb034e3a89318ac05265d66d6f1

1 files changed, 9 insertions, 2 deletions

diff --git a/keystone/middleware/auth_token.py b/keystone/middleware/auth_token.py
index 3835f4c3..75ab67c7 100644
--- a/keystone/middleware/auth_token.py
+++ b/keystone/middleware/auth_token.py
@@ -117,6 +117,10 @@ class ServiceError(Exception):
     pass
 
 
+class ConfigurationError(Exception):
+    pass
+
+
 class AuthProtocol(object):
     """Auth Middleware that handles authenticating client calls."""
 
@@ -150,11 +154,14 @@ class AuthProtocol(object):
         self.key_file = conf.get('keyfile')
 
         #signing
-        default_signing_dir = '/tmp/keystone-signing-%s' % os.environ['USER']
+        default_signing_dir = '%s/keystone-signing' % os.environ['HOME']
         self.signing_dirname = conf.get('signing_dir', default_signing_dir)
+        LOG.info('Using %s as cache directory for signing certificate' %
+                 self.signing_dirname)
         if (os.path.exists(self.signing_dirname) and
                 not os.access(self.signing_dirname, os.W_OK)):
-                raise "TODO: Need to find an Exception to raise here."
+                raise ConfigurationError("unable to access signing dir %s" %
+                                         self.signing_dirname)
 
         if not os.path.exists(self.signing_dirname):
             os.makedirs(self.signing_dirname)