dea6aff927
* modifies credentials to store tenant id * adds credentials backend api * cleans up a bunch of whitespace errors * adds new /ec2token endpoint for new logic * fixes unit/base.py test case * adds unittests for ec2_authn * includes compatibility for clients that ignore ports Change-Id: I1bd1e549cc74cbb708059b07b2928bf09c8ba1ca
82 lines
2.3 KiB
Plaintext
Executable File
82 lines
2.3 KiB
Plaintext
Executable File
[DEFAULT]
|
|
# Show more verbose log output (sets INFO log level output)
|
|
verbose = False
|
|
|
|
# Show debugging output in logs (sets DEBUG log level output)
|
|
debug = False
|
|
|
|
# Which backend store should Keystone use by default.
|
|
# Default: 'sqlite'
|
|
# Available choices are 'sqlite' [future will include LDAP, PAM, etc]
|
|
default_store = sqlite
|
|
|
|
# Log to this file. Make sure you do not set the same log
|
|
# file for both the API and registry servers!
|
|
log_file = keystone.log
|
|
|
|
# List of backends to be configured
|
|
backends = keystone.backends.sqlalchemy
|
|
#For LDAP support, add: ,keystone.backends.ldap
|
|
|
|
# Dictionary Maps every service to a header.Missing services would get header
|
|
# X_(SERVICE_NAME) Key => Service Name, Value => Header Name
|
|
service-header-mappings = {
|
|
'nova' : 'X-Server-Management-Url',
|
|
'swift' : 'X-Storage-Url',
|
|
'cdn' : 'X-CDN-Management-Url'}
|
|
|
|
# Address to bind the API server
|
|
# TODO Properties defined within app not available via pipeline.
|
|
service_host = 0.0.0.0
|
|
|
|
# Port the bind the API server to
|
|
service_port = 5000
|
|
|
|
# Address to bind the Admin API server
|
|
admin_host = 0.0.0.0
|
|
|
|
# Port the bind the Admin API server to
|
|
admin_port = 5001
|
|
|
|
#Role that allows to perform admin operations.
|
|
keystone-admin-role = Admin
|
|
|
|
#Role that allows to perform service admin operations.
|
|
keystone-service-admin-role = KeystoneServiceAdmin
|
|
|
|
[keystone.backends.sqlalchemy]
|
|
# SQLAlchemy connection string for the reference implementation registry
|
|
# server. Any valid SQLAlchemy connection string is fine.
|
|
# See: http://bit.ly/ideIpI
|
|
sql_connection = sqlite:///keystone.db
|
|
backend_entities = ['UserRoleAssociation', 'Endpoints', 'Role', 'Tenant',
|
|
'User', 'Credentials', 'EndpointTemplates', 'Token',
|
|
'Service']
|
|
|
|
# Period in seconds after which SQLAlchemy should reestablish its connection
|
|
# to the database.
|
|
sql_idle_timeout = 30
|
|
|
|
[pipeline:admin]
|
|
pipeline =
|
|
urlrewritefilter
|
|
admin_api
|
|
|
|
[pipeline:keystone-legacy-auth]
|
|
pipeline =
|
|
urlrewritefilter
|
|
legacy_auth
|
|
service_api
|
|
|
|
[app:service_api]
|
|
paste.app_factory = keystone.server:service_app_factory
|
|
|
|
[app:admin_api]
|
|
paste.app_factory = keystone.server:admin_app_factory
|
|
|
|
[filter:urlrewritefilter]
|
|
paste.filter_factory = keystone.middleware.url:filter_factory
|
|
|
|
[filter:legacy_auth]
|
|
paste.filter_factory = keystone.frontends.legacy_token_auth:filter_factory
|