Delete outdated keystonemiddleware doc
We don't recommend using admin_user and admin_password in [keystone_authtoken] anymore, those are very deprecated[1]. We have a relatively up-to-date example in the keystonemiddleware docs[2]. [1] http://git.openstack.org/cgit/openstack/keystonemiddleware/tree/keystonemiddleware/auth_token/_auth.py?h=5.3.0#n30 [2] https://docs.openstack.org/keystonemiddleware/latest/middlewarearchitecture.html#configuration Change-Id: I55961711f526a35ba0e1edb542b124b9eb330d5d
This commit is contained in:
parent
05ff55e250
commit
f4b0061303
|
@ -1,74 +0,0 @@
|
|||
Authentication middleware with user name and password
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
You can also configure Identity authentication middleware using the
|
||||
``admin_user`` and ``admin_password`` options.
|
||||
|
||||
.. note::
|
||||
|
||||
The ``admin_token`` option is deprecated and no longer used for
|
||||
configuring auth_token middleware.
|
||||
|
||||
For services that have a separate paste-deploy ``.ini`` file, you can
|
||||
configure the authentication middleware in the ``[keystone_authtoken]``
|
||||
section of the main configuration file, such as ``nova.conf``. In
|
||||
Compute, for example, you can remove the middleware parameters from
|
||||
``api-paste.ini``, as follows:
|
||||
|
||||
.. code-block:: ini
|
||||
|
||||
[filter:authtoken]
|
||||
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||
|
||||
|
||||
And set the following values in ``nova.conf`` as follows:
|
||||
|
||||
.. code-block:: ini
|
||||
|
||||
[DEFAULT]
|
||||
# ...
|
||||
auth_strategy=keystone
|
||||
|
||||
[keystone_authtoken]
|
||||
www_authenticate_uri = http://controller:5000/v3
|
||||
identity_uri = http://controller:35357
|
||||
admin_user = admin
|
||||
admin_password = SuperSekretPassword
|
||||
admin_tenant_name = service
|
||||
|
||||
.. note::
|
||||
|
||||
The middleware parameters in the paste config take priority. You
|
||||
must remove them to use the values in the ``[keystone_authtoken]``
|
||||
section.
|
||||
|
||||
.. note::
|
||||
|
||||
Comment out any ``auth_host``, ``auth_port``, and
|
||||
``auth_protocol`` options because the ``identity_uri`` option
|
||||
replaces them.
|
||||
|
||||
This sample paste config filter makes use of the ``admin_user`` and
|
||||
``admin_password`` options:
|
||||
|
||||
.. code-block:: ini
|
||||
|
||||
[filter:authtoken]
|
||||
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||
www_authenticate_uri = http://controller:5000/v3
|
||||
identity_uri = http://controller:35357
|
||||
auth_token = 012345SECRET99TOKEN012345
|
||||
admin_user = admin
|
||||
admin_password = keystone123
|
||||
|
||||
.. note::
|
||||
|
||||
Using this option requires an admin project/role relationship. The
|
||||
admin user is granted access to the admin role on the admin project.
|
||||
|
||||
.. note::
|
||||
|
||||
Comment out any ``auth_host``, ``auth_port``, and
|
||||
``auth_protocol`` options because the ``identity_uri`` option
|
||||
replaces them.
|
||||
|
|
@ -30,7 +30,6 @@ command-line client.
|
|||
security-compliance.rst
|
||||
resource-options.rst
|
||||
performance.rst
|
||||
auth-token-middleware.rst
|
||||
service-api-protection.rst
|
||||
troubleshoot.rst
|
||||
unified-limits.rst
|
||||
|
|
Loading…
Reference in New Issue