Browse code
Merge "Configure auth_token middleware manually in swift."
Jenkins authored on 2015/02/03 00:44:04Showing 1 changed files
| ... | ... |
@@ -409,16 +409,27 @@ function configure_swift {
|
| 409 | 409 |
# Configure Crossdomain |
| 410 | 410 |
iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:crossdomain use "egg:swift#crossdomain"
|
| 411 | 411 |
|
| 412 |
- # Configure Keystone |
|
| 413 |
- sed -i '/^# \[filter:authtoken\]/,/^# \[filter:keystoneauth\]$/ s/^#[ \t]*//' ${SWIFT_CONFIG_PROXY_SERVER}
|
|
| 414 |
- configure_auth_token_middleware ${SWIFT_CONFIG_PROXY_SERVER} swift $SWIFT_AUTH_CACHE_DIR filter:authtoken
|
|
| 412 |
+ |
|
| 415 | 413 |
# This causes the authtoken middleware to use the same python logging |
| 416 | 414 |
# adapter provided by the swift proxy-server, so that request transaction |
| 417 | 415 |
# IDs will included in all of its log messages. |
| 418 | 416 |
iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken log_name swift
|
| 419 | 417 |
|
| 420 |
- iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} filter:keystoneauth use
|
|
| 421 |
- iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} filter:keystoneauth operator_roles
|
|
| 418 |
+ # NOTE(jamielennox): swift cannot use the regular configure_auth_token_middleware function because swift |
|
| 419 |
+ # doesn't use oslo.config which is the only way to configure auth plugins with the middleare. |
|
| 420 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken paste.filter_factory keystonemiddleware.auth_token:filter_factory
|
|
| 421 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken identity_uri $KEYSTONE_AUTH_URI
|
|
| 422 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken admin_user swift
|
|
| 423 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken admin_password $SERVICE_PASSWORD
|
|
| 424 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME
|
|
| 425 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_uri $KEYSTONE_SERVICE_URI
|
|
| 426 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken cafile $SSL_BUNDLE_FILE
|
|
| 427 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken signing_dir $SWIFT_AUTH_CACHE_DIR
|
|
| 428 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken delay_auth_decision 1
|
|
| 429 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken cache swift.cache
|
|
| 430 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken include_service_catalog False
|
|
| 431 |
+ |
|
| 432 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:keystoneauth use "egg:swift#keystoneauth"
|
|
| 422 | 433 |
iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:keystoneauth operator_roles "Member, admin"
|
| 423 | 434 |
|
| 424 | 435 |
# Configure Tempauth. In the sample config file, Keystoneauth is commented |