"Also, I assume step 4 was meant to read "4. Go back to **firefox**...""
Yes a typo, have updated the description
- which type of tokens are in use, UUID or PKI?
select * from token LIMIT 0,1\G
*************************** 1. row ***************************
id: 0029fab4803b4caab6b0e0d7b47fd608
expires: 2013-04-12 02:28:14
extra: {"user": {"email": "<email address hidden>", "enabled": true, "id": "e81e1688ce7b4ee1a7af1cd12d084870", "name": "admin", "tenantId": null}, "key": "0029fab4803b4caab6b0e0d7b47fd608", "tenant": null, "metadata": {}}
valid: 1
1 row in set (0.00 sec)
Not sure if this answers your question. If not could you tell me how to check this?
- which middleware is protecting nova? keystone.middleware.auth_token or keystoneclient.middleware.auth_token?
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
- how is the middleware configured? specifically interested in revocation_cache_time if set, which should default to 1 second
Seems we don't have this set in nova.conf, api-paste.conf and keystone.conf. Any other place to check this? This should be a keystone option I guess?
- which release/branch of keystone is this occurring on?
dpkg -l | grep keystone
ii keystone 2012.2.1-0ubuntu1~cloud0 OpenStack identity service - Daemons
ii python-keystone 2012.2.1-0ubuntu1~cloud0 OpenStack identity service - Python library
ii python-keystoneclient 1:0.1.3-0ubuntu1.1~cloud0 Client libary for Openstack Keystone API
Those are the folsom cloudarchive packages for ubuntu 12.04
I'm not sure if I answered your questions correclty, so please see related configurations below.
"Also, I assume step 4 was meant to read "4. Go back to **firefox**...""
Yes a typo, have updated the description
- which type of tokens are in use, UUID or PKI? ******* ******* ****** 1. row ******* ******* ******* ****** ab6b0e0d7b47fd6 08 e1a7af1cd12d084 870", "name": "admin", "tenantId": null}, "key": "0029fab4803b4c aab6b0e0d7b47fd 608", "tenant": null, "metadata": {}}
select * from token LIMIT 0,1\G
*******
id: 0029fab4803b4ca
expires: 2013-04-12 02:28:14
extra: {"user": {"email": "<email address hidden>", "enabled": true, "id": "e81e1688ce7b4e
valid: 1
1 row in set (0.00 sec)
Not sure if this answers your question. If not could you tell me how to check this?
- which middleware is protecting nova? keystone. middleware. auth_token or keystoneclient. middleware. auth_token? factory = keystone. middleware. auth_token: filter_ factory
[filter:authtoken]
paste.filter_
- how is the middleware configured? specifically interested in revocation_ cache_time if set, which should default to 1 second
Seems we don't have this set in nova.conf, api-paste.conf and keystone.conf. Any other place to check this? This should be a keystone option I guess?
- which release/branch of keystone is this occurring on? 1-0ubuntu1~ cloud0 OpenStack identity service - Daemons 1-0ubuntu1~ cloud0 OpenStack identity service - Python library keystoneclient 1:0.1.3- 0ubuntu1. 1~cloud0 Client libary for Openstack Keystone API
dpkg -l | grep keystone
ii keystone 2012.2.
ii python-keystone 2012.2.
ii python-
Those are the folsom cloudarchive packages for ubuntu 12.04
I'm not sure if I answered your questions correclty, so please see related configurations below.
nova.conf: paste.openstack .org/show/ 35770/
http://
nova/api- paste.conf: paste.openstack .org/show/ 35771/
http://
keystone.conf paste.openstack .org/show/ 35774/
http://