Comment 3 for bug 1315133

dfg thinks we can fix this by moving xlo to the right of auth and I think it's a pretty good idea.

It solves caching authn and leaves us in a good place to reuse swift.authorize on subrequests before it get's popped out of the env in proxy.server

I needed something like:

https://gist.github.com/clayg/8378436d6772ac6fae3c

to make common.wsgi and keystone_auth support cached identity information though.

Option B is let make_env just copy over everything and then keystone auth can just pull out the headers it needs to rebuild keystone.identity every request.