Fernet tokens read from disk on every request
Bug #1452418 reported by
Dolph Mathews
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Low
|
Dolph Mathews | ||
Kilo |
Fix Released
|
Low
|
Dolph Mathews |
Bug Description
The fernet keys are stored (by default) in /etc/keystone/
keystone.
Keystone really only needs to hit the disk periodically to check for a different set of keys, not on every request.
tags: | added: fernet |
Changed in keystone: | |
milestone: | liberty-1 → liberty-2 |
Changed in keystone: | |
importance: | Medium → Low |
milestone: | liberty-2 → none |
Changed in keystone: | |
status: | In Progress → Triaged |
Changed in keystone: | |
milestone: | none → liberty-3 |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
milestone: | liberty-3 → 8.0.0 |
To post a comment you must log in.
Relates to this code:
https:/ /github. com/openstack/ keystone/ blob/master/ keystone/ token/providers /fernet/ token_formatter s.py#L58