|
|
|
@ -11,7 +11,7 @@ pipeline = versionapp
|
|
|
|
|
[pipeline:barbican_api] |
|
|
|
|
####pipeline = simple apiapp |
|
|
|
|
#pipeline = keystone_authtoken context apiapp |
|
|
|
|
pipeline = {{ barbican_api_pipeline }} |
|
|
|
|
pipeline = {{ options.barbican_api_pipeline }} |
|
|
|
|
|
|
|
|
|
#Use this pipeline to activate a repoze.profile middleware and HTTP port, |
|
|
|
|
# to provide profiling information for the REST API processing. |
|
|
|
@ -21,7 +21,7 @@ pipeline = unauthenticated-context egg:Paste#cgitb egg:Paste#httpexceptions prof
|
|
|
|
|
#Use this pipeline for keystone auth |
|
|
|
|
[pipeline:barbican-api-keystone] |
|
|
|
|
#pipeline = keystone_authtoken context apiapp |
|
|
|
|
pipeline = {{ barbican_api_keystone_pipeline }} |
|
|
|
|
pipeline = {{ options.barbican_api_keystone_pipeline }} |
|
|
|
|
|
|
|
|
|
[app:apiapp] |
|
|
|
|
paste.app_factory = barbican.api.app:create_main_app |
|
|
|
@ -41,13 +41,13 @@ paste.filter_factory = barbican.api.middleware.context:ContextMiddleware.factory
|
|
|
|
|
[filter:keystone_authtoken] |
|
|
|
|
paste.filter_factory = keystonemiddleware.auth_token:filter_factory |
|
|
|
|
signing_dir = /var/lib/barbican/keystone-signing |
|
|
|
|
auth_host = {{ auth_host }} |
|
|
|
|
auth_host = {{ identity_service.auth_host }} |
|
|
|
|
#need ability to re-auth a token, thus admin url |
|
|
|
|
auth_port = {{ auth_port }} |
|
|
|
|
auth_protocol = {{ auth_protocol }} |
|
|
|
|
admin_tenant_name = {{ admin_tenant_name }} |
|
|
|
|
admin_user = {{ admin_user }} |
|
|
|
|
admin_password = {{ admin_password }} |
|
|
|
|
auth_port = {{ identity_service.auth_port }} |
|
|
|
|
auth_protocol = {{ identity_service.auth_protocol }} |
|
|
|
|
admin_tenant_name = {{ identity_service.service_tenant }} |
|
|
|
|
admin_user = {{ identity_service.service_username }} |
|
|
|
|
admin_password = {{ identity_service.service_password }} |
|
|
|
|
auth_version = v2.0 |
|
|
|
|
#delay failing perhaps to log the unauthorized request in barbican .. |
|
|
|
|
#delay_auth_decision = true |
|
|
|
@ -55,13 +55,13 @@ auth_version = v2.0
|
|
|
|
|
[filter:keystone_v3_authtoken] |
|
|
|
|
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory |
|
|
|
|
signing_dir = /var/lib/barbican/keystone-signing |
|
|
|
|
auth_host = {{ auth_host }} |
|
|
|
|
auth_host = {{ identity_service.auth_host }} |
|
|
|
|
#need ability to re-auth a token, thus admin url |
|
|
|
|
auth_port = {{ auth_port }} |
|
|
|
|
auth_protocol = {{ auth_protocol }} |
|
|
|
|
admin_tenant_name = {{ admin_tenant_name }} |
|
|
|
|
admin_user = {{ admin_user }} |
|
|
|
|
admin_password = {{ admin_password }} |
|
|
|
|
auth_port = {{ identity_service.auth_port }} |
|
|
|
|
auth_protocol = {{ identity_service.auth_protocol }} |
|
|
|
|
admin_tenant_name = {{ identity_service.service_tenant }} |
|
|
|
|
admin_user = {{ identity_service.service_username }} |
|
|
|
|
admin_password = {{ identity_service.service_password }} |
|
|
|
|
auth_version = v3.0 |
|
|
|
|
#delay failing perhaps to log the unauthorized request in barbican .. |
|
|
|
|
#delay_auth_decision = true |
|
|
|
|