Delete outdated keystonemiddleware doc

We don't recommend using admin_user and admin_password in
[keystone_authtoken] anymore, those are very deprecated[1]. We have a
relatively up-to-date example in the keystonemiddleware docs[2].

[1] http://git.openstack.org/cgit/openstack/keystonemiddleware/tree/keystonemiddleware/auth_token/_auth.py?h=5.3.0#n30
[2] https://docs.openstack.org/keystonemiddleware/latest/middlewarearchitecture.html#configuration

Change-Id: I55961711f526a35ba0e1edb542b124b9eb330d5d
This commit is contained in:
Colleen Murphy 2018-12-12 11:38:52 +01:00
parent 05ff55e250
commit f4b0061303
2 changed files with 0 additions and 75 deletions

View File

@ -1,74 +0,0 @@
Authentication middleware with user name and password
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
You can also configure Identity authentication middleware using the
``admin_user`` and ``admin_password`` options.
.. note::
The ``admin_token`` option is deprecated and no longer used for
configuring auth_token middleware.
For services that have a separate paste-deploy ``.ini`` file, you can
configure the authentication middleware in the ``[keystone_authtoken]``
section of the main configuration file, such as ``nova.conf``. In
Compute, for example, you can remove the middleware parameters from
``api-paste.ini``, as follows:
.. code-block:: ini
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
And set the following values in ``nova.conf`` as follows:
.. code-block:: ini
[DEFAULT]
# ...
auth_strategy=keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/v3
identity_uri = http://controller:35357
admin_user = admin
admin_password = SuperSekretPassword
admin_tenant_name = service
.. note::
The middleware parameters in the paste config take priority. You
must remove them to use the values in the ``[keystone_authtoken]``
section.
.. note::
Comment out any ``auth_host``, ``auth_port``, and
``auth_protocol`` options because the ``identity_uri`` option
replaces them.
This sample paste config filter makes use of the ``admin_user`` and
``admin_password`` options:
.. code-block:: ini
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
www_authenticate_uri = http://controller:5000/v3
identity_uri = http://controller:35357
auth_token = 012345SECRET99TOKEN012345
admin_user = admin
admin_password = keystone123
.. note::
Using this option requires an admin project/role relationship. The
admin user is granted access to the admin role on the admin project.
.. note::
Comment out any ``auth_host``, ``auth_port``, and
``auth_protocol`` options because the ``identity_uri`` option
replaces them.

View File

@ -30,7 +30,6 @@ command-line client.
security-compliance.rst
resource-options.rst
performance.rst
auth-token-middleware.rst
service-api-protection.rst
troubleshoot.rst
unified-limits.rst