Move heat-api auth_token conf from paste.ini

keystone auth_token middleware now allows heat to have auth_token
configuration in heat-api.conf. Moves the example of
auth_token configuration from heat-api-paste.ini to heat-api.conf.
This simplifies user configuations and users is no longer required
to edit heat-api-paste.ini.

This does not break backward compatibility. auth_token first
tries the configurations in /etc/heat/heat-api-paste.ini and then the
above configurations. Thus a user who already uses heat-api-paste.ini
does not need to change it.

Change-Id: Ia0a4d912cd7380094e121ee4af733277ca4d812e
Blueprint: keystone-middleware

etc/heat/heat-api-cfn-paste.ini

@@ -29,13 +29,3 @@ keystone_ec2_uri = http://localhost:5000/v2.0/ec2tokens
 
 [filter:authtoken]
 paste.filter_factory = heat.common.auth_token:filter_factory
-auth_host = 127.0.0.1
-auth_port = 35357
-auth_protocol = http
-auth_uri = http://127.0.0.1:5000/v2.0
-
-# These must be set to your local values in order for the token
-# authentication to work.
-admin_tenant_name = service
-admin_user = heat
-admin_password = verybadpass

etc/heat/heat-api-cfn.conf

@@ -28,3 +28,15 @@ use_syslog = False
 # syslog_log_facility = LOG_LOCAL0
 
 rpc_backend=heat.openstack.common.rpc.impl_qpid
+
+[keystone_authtoken]
+auth_host = 127.0.0.1
+auth_port = 35357
+auth_protocol = http
+auth_uri = http://127.0.0.1:5000/v2.0
+
+# These must be set to your local values in order for the token
+# authentication to work.
+admin_tenant_name = service
+admin_user = heat
+admin_password = verybadpass

etc/heat/heat-api-cloudwatch-paste.ini

@@ -29,13 +29,3 @@ keystone_ec2_uri = http://localhost:5000/v2.0/ec2tokens
 
 [filter:authtoken]
 paste.filter_factory = heat.common.auth_token:filter_factory
-auth_host = 127.0.0.1
-auth_port = 35357
-auth_protocol = http
-auth_uri = http://127.0.0.1:5000/v2.0
-
-# These must be set to your local values in order for the token
-# authentication to work.
-admin_tenant_name = service
-admin_user = heat
-admin_password = verybadpass

etc/heat/heat-api-cloudwatch.conf

@@ -26,3 +26,15 @@ bind_host = 0.0.0.0
 bind_port = 8003
 
 rpc_backend=heat.openstack.common.rpc.impl_qpid
+
+[keystone_authtoken]
+auth_host = 127.0.0.1
+auth_port = 35357
+auth_protocol = http
+auth_uri = http://127.0.0.1:5000/v2.0
+
+# These must be set to your local values in order for the token
+# authentication to work.
+admin_tenant_name = service
+admin_user = heat
+admin_password = verybadpass

etc/heat/heat-api-paste.ini

@@ -32,16 +32,6 @@ paste.filter_factory = heat.common.context:ContextMiddleware_filter_factory
 
 [filter:authtoken]
 paste.filter_factory = heat.common.auth_token:filter_factory
-auth_host = 127.0.0.1
-auth_port = 35357
-auth_protocol = http
-auth_uri = http://127.0.0.1:5000/v2.0
-
-# These must be set to your local values in order for the token
-# authentication to work.
-admin_tenant_name = service
-admin_user = heat
-admin_password = verybadpass
 
 [filter:custombackendauth]
 paste.filter_factory = heat.common.custom_backend_auth:filter_factory

etc/heat/heat-api.conf

@@ -32,3 +32,15 @@ rpc_backend=heat.openstack.common.rpc.impl_qpid
 # Uncomment this if you're using a custom cloud backend:
 # [paste_deploy]
 # flavor = custombackend
+
+[keystone_authtoken]
+auth_host = 127.0.0.1
+auth_port = 35357
+auth_protocol = http
+auth_uri = http://127.0.0.1:5000/v2.0
+
+# These must be set to your local values in order for the token
+# authentication to work.
+admin_tenant_name = service
+admin_user = heat
+admin_password = verybadpass