Comment 2 for bug 1625321
Revision history for this message
| Sean Dague (sdague) wrote Re: Hitting "Authentication required" on migration when building network info model | #2 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)
It is a known problem that when talking to services on a user's behalf (such as glance, cinder, neutron) and using a Token, that it could expire when making sub requests on behalf of the user. By default Keystone Token expiration time is 1 hour.
There is no definitive solution at this point for this problem. A number of ideas have been discussed during summit sessions around non expiring token types (would need keystone changes). However we may want to decide that for some class of known long standing operations that Nova will reject them if the token expiration is too close (much like traveling on a passport that is near expiration). That may be able to mitigate this.