diff options
author | Henry Nash <henryn@linux.vnet.ibm.com> | 2013-07-25 20:09:45 +0100 |
---|---|---|
committer | Henry Nash <henryn@linux.vnet.ibm.com> | 2013-08-15 23:41:15 +0100 |
commit | 1ed2046eaa91fa36926d66a5fe1e88ccd65373bb (patch) | |
tree | b370dde77bb78b2a5a217840a97bc25c3d37ef26 /keystone/token/core.py | |
parent | 049c5c7159ba88f584c832e6b1a87d6bee9c31d7 (diff) | |
download | keystone-1ed2046eaa91fa36926d66a5fe1e88ccd65373bb.tar.gz keystone-1ed2046eaa91fa36926d66a5fe1e88ccd65373bb.tar.xz keystone-1ed2046eaa91fa36926d66a5fe1e88ccd65373bb.zip |
Implement domain specific Identity backends
A common scenario in shared clouds will be that a cloud provider will
want to be able to offer larger customers the ability to interface to
their chosen identity provider. In the base case, this might well be
their own corporate LDAP/AD directory. A cloud provider might also
want smaller customers to have their identity managed solely
within the OpenStack cloud, perhaps in a shared SQL database.
This patch allows domain specific backends for identity objects
(namely user and groups), which are specified by creation of a domain
configuration file for each domain that requires its own backend.
A side benefit of this change is that it clearly separates the
backends into those that are domain-aware and those that are not,
allowing, for example, the removal of domain validation from the
LDAP identity backend.
Implements bp multiple-ldap-servers
DocImpact
Change-Id: I489e8e50035f88eca4235908ae8b1a532645daab
Diffstat (limited to 'keystone/token/core.py')
-rw-r--r-- | keystone/token/core.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/keystone/token/core.py b/keystone/token/core.py index 3959586b..e8d04a7e 100644 --- a/keystone/token/core.py +++ b/keystone/token/core.py @@ -29,7 +29,7 @@ from keystone.openstack.common import timeutils CONF = config.CONF -config.register_int('expiration', group='token', default=86400) + LOG = logging.getLogger(__name__) |