a5962d1078
This patch updates the authentication system set up in heat: - We now authenticate against the 'heat' service at the entry point to each api call in the engine. - We are now using the 'Context' class to contain the authentication information as intended. - The two context classes are unified and we now use the same one for both WSGI and RPC. This is the intended design as the context is loaded by the WSGI middleware and then passed into the RPC methods. - We are now doing token authentication in the API that works with both native keystone and AWS style authentication. That token is then passed on to the engine for further authentication for various endpoints. Note that the heat-api-paste.ini file requires updating in order for this to work on your system. Admin user and password must be set properly in the authtoken section in order to perform token based authentication. I suspect there will be a few bugs in here yet. This is just part of the authentication/identification changes we need to make but I wanted to get this in so we could continue to work with a boto based client. Change-Id: Ib635ecd3088304e8d51d8e1fc31a8b1bf751caf3 Signed-off-by: Ian Main <imain@redhat.com> |
||
|---|---|---|
| .. | ||
| bash_completion.d | ||
| heat-api-paste.ini | ||
| heat-api.conf | ||
| heat-engine-paste.ini | ||
| heat-engine.conf | ||
| heat-metadata-paste.ini | ||
| heat-metadata.conf | ||