keystone/releasenotes/notes/admin_token-c634ec12fc714255.yaml
Adam Young 37e9d6bbf1 Disable Admin tokens set to None
Partial-Bug: 1545761

Change-Id: Ie292f447f2fe1357824b322817b1585c82d0c552
2016-02-16 20:00:34 +00:00

12 lines
626 B
YAML

---
security:
- The admin_token method of authentication was never intended to be
used for any purpose other than bootstrapping an install. However
many deployments had to leave the admin_token method enabled due
to restrictions on editing the paste file used to configure the
web pipelines. To minimize the risk from this mechanism, the
`admin_token` configuration value now defaults to a python `None`
value. In addition, if the value is set to `None`, either explicitly or
implicitly, the `admin_token` will not be enabled, and an attempt to
use it will lead to a failed authentication.