From c238ace30981877e5991874c5b193ea7d5107419 Mon Sep 17 00:00:00 2001
From: Guang Yee <guang.yee@hp.com>
Date: Thu, 20 Jun 2013 10:06:17 -0700
Subject: Implements Pluggable V3 Token Provider

Abstract V3 token provider backend to make token provider pluggable. It enables
deployers to customize token management to add their own capabilities.
Token provider is responsible for issuing, checking, validating, and
revoking tokens. Note the distinction between token 'driver' and 'provider'.
Token 'driver' simply provides token persistence. It does not issue or
interpret tokens.

Token provider is specified by the 'provider' property in the '[token]'
section of the Keystone configuration file.

Partially implemented blueprint pluggable-token-format.

This patch also fixes bug 1186061.

Change-Id: I755fb850765ea99e5237626a2e645e6ceb42a9d3
---
 etc/keystone.conf.sample | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'etc')

diff --git a/etc/keystone.conf.sample b/etc/keystone.conf.sample
index 3f4f1637..7ab9acdc 100644
--- a/etc/keystone.conf.sample
+++ b/etc/keystone.conf.sample
@@ -119,8 +119,12 @@
 # template_file = default_catalog.templates
 
 [token]
+# Provides token persistence.
 # driver = keystone.token.backends.sql.Token
 
+# Controls the token construction, validation, and revocation operations.
+# provider = keystone.token.providers.pki.Provider
+
 # Amount of time a token should remain valid (in seconds)
 # expiration = 86400
 
-- 
cgit