Comment 3 for bug 923573

+1 for either A) tokens without expiration dates ("api keys"?) or, B) actually authenticating with keystone using credentials to retrieve an admin token whenever necessary.

Keystone supports (B) today; the middleware just has to take advantage of it.