Comment 12 for bug 1166670

Adam Young (ayoung) wrote : Re: Deleted user can still create instances

UUID Tokens are authenticated via an online call to Keystone. Once that has been done, they are cached inside auth_token middleware. This is a performance optimization. In order to perform an additional lookup against Keystone, set the cache value lower. So the trade-off is between a performance optimization and immediate notification of a revocation event. The solution to this is to shorten the time UUID tokens are in the cache.

We default this value in the auth_token middleware initialization.
    cfg.IntOpt('token_cache_time', default=300),

With the time in seconds, 300 means five minutes. This seems like a reasonable trade-off. We can choose a shorter default. And installations can configure this value with the application paste files.
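
An added illustration of the trade-off described in the comment above (not Keystone or auth_token middleware code): a toy validation cache that measures how long a revoked token keeps being accepted, and how many online lookups are made, for a given `token_cache_time`. The class names, `simulate()`, and the one-request-per-second pattern are assumptions made for the example.

```python
class IdentityService:
    """Hypothetical stand-in for the online validation call."""
    def __init__(self):
        self.valid = set()
        self.calls = 0          # number of online lookups performed

    def validate(self, token):
        self.calls += 1
        return token in self.valid


class CachingValidator:
    """Caches a successful validation for token_cache_time seconds."""
    def __init__(self, service, token_cache_time):
        self.service = service
        self.ttl = token_cache_time
        self.cache = {}         # token -> time at which the entry expires

    def is_valid(self, token, now):
        expiry = self.cache.get(token)
        if expiry is not None and now < expiry:
            return True         # cache hit: revocation is not noticed here
        self.cache.pop(token, None)
        if not self.service.validate(token):
            return False
        if self.ttl > 0:
            self.cache[token] = now + self.ttl
        return True


def simulate(token_cache_time, revoke_at=400, duration=1200):
    """One request per second with the same token, revoked at revoke_at.

    Returns (seconds the token was accepted after revocation,
             online lookups made until the first rejection).
    """
    svc = IdentityService()
    svc.valid.add("tok")        # constructed sample token
    validator = CachingValidator(svc, token_cache_time)
    accepted_after_revoke = 0
    for now in range(duration):
        if now == revoke_at:
            svc.valid.discard("tok")
        if not validator.is_valid("tok", now):
            break
        if now >= revoke_at:
            accepted_after_revoke += 1
    return accepted_after_revoke, svc.calls
```

The exposure window is bounded by `token_cache_time`, while the number of online lookups grows as the value shrinks; a value of 0 in this model means every request is validated online.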