Deprecate admin_token in auth_token
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-keystoneclient |
Fix Released
|
Wishlist
|
Brant Knudson |
Bug Description
The admin_token option shouldn't be used in auth_token. It's used to specify a token to be used to perform operations on the identity server, so would typically be set to the admin token. The admin token should only be used to initially set up the Keystone server, and then the admin token functionality should be disabled. If this recommended setup is used then the auth_token middleware shouldn't be using the admin token / auth_token.
In addition to not using it on principle, the auth_token middleware exhibits odd behavior if the identity server responds with a 401 -- it switches to using the admin user & password (see bug 1307252).
In preparing for removal of the admin_token option, let's deprecate it, and print a warning not to use it.
Changed in python-keystoneclient: | |
assignee: | nobody → Brant Knudson (blk-u) |
importance: | Undecided → Wishlist |
description: | updated |
Changed in python-keystoneclient: | |
milestone: | none → 0.9.0 |
Changed in python-keystoneclient: | |
status: | Fix Committed → Fix Released |
Fix proposed to branch: master /review. openstack. org/87091
Review: https:/