Juju Charm - Barbican
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
charm-barbican/templates/juno/barbican-api-paste.ini

76 lines
2.7 KiB

[composite:main]
use = egg:Paste#urlmap
/: barbican_version
/v1: barbican_api
# Use this pipeline for Barbican API - versions no authentication
[pipeline:barbican_version]
pipeline = versionapp
# Use this pipeline for Barbican API - DEFAULT no authentication
[pipeline:barbican_api]
####pipeline = simple apiapp
#pipeline = keystone_authtoken context apiapp
pipeline = {{ options.barbican_api_pipeline }}
#Use this pipeline to activate a repoze.profile middleware and HTTP port,
# to provide profiling information for the REST API processing.
[pipeline:barbican-profile]
pipeline = unauthenticated-context egg:Paste#cgitb egg:Paste#httpexceptions profile apiapp
#Use this pipeline for keystone auth
[pipeline:barbican-api-keystone]
#pipeline = keystone_authtoken context apiapp
pipeline = {{ options.barbican_api_keystone_pipeline }}
[app:apiapp]
paste.app_factory = barbican.api.app:create_main_app
[app:versionapp]
paste.app_factory = barbican.api.app:create_version_app
[filter:simple]
paste.filter_factory = barbican.api.middleware.simple:SimpleFilter.factory
[filter:unauthenticated-context]
paste.filter_factory = barbican.api.middleware.context:UnauthenticatedContextMiddleware.factory
[filter:context]
paste.filter_factory = barbican.api.middleware.context:ContextMiddleware.factory
[filter:keystone_authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
signing_dir = /var/lib/barbican/keystone-signing
auth_host = {{ identity_service.auth_host }}
#need ability to re-auth a token, thus admin url
auth_port = {{ identity_service.auth_port }}
auth_protocol = {{ identity_service.auth_protocol }}
admin_tenant_name = {{ identity_service.service_tenant }}
admin_user = {{ identity_service.service_username }}
admin_password = {{ identity_service.service_password }}
auth_version = v2.0
#delay failing perhaps to log the unauthorized request in barbican ..
#delay_auth_decision = true
[filter:keystone_v3_authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
signing_dir = /var/lib/barbican/keystone-signing
auth_host = {{ identity_service.auth_host }}
#need ability to re-auth a token, thus admin url
auth_port = {{ identity_service.auth_port }}
auth_protocol = {{ identity_service.auth_protocol }}
admin_tenant_name = {{ identity_service.service_tenant }}
admin_user = {{ identity_service.service_username }}
admin_password = {{ identity_service.service_password }}
auth_version = v3.0
#delay failing perhaps to log the unauthorized request in barbican ..
#delay_auth_decision = true
[filter:profile]
use = egg:repoze.profile
log_filename = myapp.profile
cachegrind_filename = cachegrind.out.myapp
discard_first_request = true
path = /__profile__
flush_at_shutdown = true
unwind = false