Comment 8 for bug 1317293

I've been looking into this, a fix may be possible by modifying heat_keystoneclient to avoid the authenticate() when we find a token in the request. I had initially thought that would mean heat could not create the trust it needs, but having done some testing it seems that may not be the case.

Further info/patch coming soon, hopefully.