From dcc59e56317701d7e457fed8d5e162dc463a8e13 Mon Sep 17 00:00:00 2001 From: Dolph Mathews Date: Wed, 30 Nov 2011 10:26:08 -0600 Subject: Updated docstring to match auth_token.py (bug 898211) Change-Id: I6586f415e4bdb8bf2951363b5f3cfe894ddb49bf --- keystone/middleware/quantum_auth_token.py | 52 ++++++++++++++++++++----------- 1 file changed, 34 insertions(+), 18 deletions(-) diff --git a/keystone/middleware/quantum_auth_token.py b/keystone/middleware/quantum_auth_token.py index c1359329..40d79f17 100755 --- a/keystone/middleware/quantum_auth_token.py +++ b/keystone/middleware/quantum_auth_token.py @@ -21,13 +21,14 @@ TOKEN-BASED AUTH MIDDLEWARE This WSGI component performs multiple jobs: + - it verifies that incoming client requests have valid tokens by verifying - tokens with the auth service. + tokens with the auth service. - it will reject unauthenticated requests UNLESS it is in 'delay_auth_decision' - mode, which means the final decision is delegated to the downstream WSGI - component (usually the OpenStack service) + mode, which means the final decision is delegated to the downstream WSGI + component (usually the OpenStack service) - it will collect and forward identity information from a valid token - such as user name, groups, etc... + such as user name, groups, etc... Refer to: http://wiki.openstack.org/openstack-authn @@ -35,20 +36,35 @@ This WSGI component has been derived from Keystone's auth_token middleware module. It contains some specialization for Quantum. HEADERS -------- -Headers starting with HTTP_ is a standard http header -Headers starting with HTTP_X is an extended http header - -> Coming in from initial call from client or customer -HTTP_X_AUTH_TOKEN : the client token being passed in -HTTP_X_STORAGE_TOKEN: the client token being passed in (legacy Rackspace use) - to support cloud files -> Used for communication between components -www-authenticate : only used if this component is being used remotely -HTTP_AUTHORIZATION : basic auth password used to validate the connection - -> What we add to the request for use by the OpenStack service -HTTP_X_AUTHORIZATION: the client identity being passed in +======= + +Headers starting with ``HTTP_`` is a standard http header +Headers starting with ``HTTP_X`` is an extended http header + +Coming in from initial call from client or customer +--------------------------------------------------- + +HTTP_X_AUTH_TOKEN + The client token being passed in + +HTTP_X_STORAGE_TOKEN + The client token being passed in (legacy Rackspace use) to support + cloud files + +Used for communication between components +----------------------------------------- + +www-Authenticate + Only used if this component is being used remotely + +HTTP_AUTHORIZATION + Basic auth password used to validate the connection + +What we add to the request for use by the OpenStack service +----------------------------------------------------------- + +HTTP_X_AUTHORIZATION + The client identity being passed in """ -- cgit