diff options
author | asteroide <thomas.duval@orange.com> | 2015-09-24 14:39:09 +0200 |
---|---|---|
committer | asteroide <thomas.duval@orange.com> | 2015-09-24 14:39:09 +0200 |
commit | 0be7a3d4e0647dc0d94a34e4fc2f8c364de46602 (patch) | |
tree | 14214bb0bbf2430b6ee0df387ddbdbf13c4c4d63 /keystonemiddleware-moon/doc/source | |
parent | e35decd4e989773c96a9abb263257291bd51ae1e (diff) |
Update code from KeystoneMiddleware Github repository (Master).
Change-Id: Id28c5bf48b3dbb6c8a08e66411b5785029f6857d
Diffstat (limited to 'keystonemiddleware-moon/doc/source')
-rw-r--r-- | keystonemiddleware-moon/doc/source/conf.py | 2 | ||||
-rw-r--r-- | keystonemiddleware-moon/doc/source/middlewarearchitecture.rst | 22 |
2 files changed, 19 insertions, 5 deletions
diff --git a/keystonemiddleware-moon/doc/source/conf.py b/keystonemiddleware-moon/doc/source/conf.py index 069382be..ff4b24cc 100644 --- a/keystonemiddleware-moon/doc/source/conf.py +++ b/keystonemiddleware-moon/doc/source/conf.py @@ -113,7 +113,7 @@ add_module_names = True pygments_style = 'sphinx' # A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] +modindex_common_prefix = ['keystonemiddleware.'] # Grouping the document tree for man pages. # List of tuples 'sourcefile', 'target', 'title', 'Authors name', 'manual' diff --git a/keystonemiddleware-moon/doc/source/middlewarearchitecture.rst b/keystonemiddleware-moon/doc/source/middlewarearchitecture.rst index e02aad45..8d84d083 100644 --- a/keystonemiddleware-moon/doc/source/middlewarearchitecture.rst +++ b/keystonemiddleware-moon/doc/source/middlewarearchitecture.rst @@ -196,7 +196,7 @@ a WSGI component. Example for the auth_token middleware: # value) #signing_dir=<None> - # If defined, the memcache server(s) to use for caching (list + # If defined, the memcached server(s) to use for caching (list # value) # Deprecated group/name - [DEFAULT]/memcache_servers #memcached_servers=<None> @@ -271,6 +271,20 @@ and set in ``nova.conf``: Note that middleware parameters in paste config take priority, they must be removed to use values in [keystone_authtoken] section. +If the service doesn't use the global oslo.config object (CONF), then the +olso config project name can be set it in paste config and +keystonemiddleware will load the project configuration itself. +Optionally the location of the configuration file can be set if oslo.config +is not able to discover it. + +.. code-block:: ini + + [filter:authtoken] + paste.filter_factory = keystonemiddleware.auth_token:filter_factory + oslo_config_project = nova + # oslo_config_file = /not_discoverable_location/nova.conf + + Configuration Options --------------------- @@ -315,7 +329,7 @@ Configuration Options * ``signing_dir``: (optional) Directory used to cache files related to PKI tokens -* ``memcached_servers``: (optional) If defined, the memcache server(s) to use +* ``memcached_servers``: (optional) If defined, the memcached server(s) to use for caching * ``token_cache_time``: (default 300) In order to prevent excessive requests and validations, the middleware uses an in-memory cache for the tokens the @@ -350,7 +364,7 @@ invalidated tokens may continue to work if they are still in the token cache, so token_cache_time is configurable. For larger deployments, the middleware also supports memcache based caching. -* ``memcached_servers``: (optonal) if defined, the memcache server(s) to use for +* ``memcached_servers``: (optonal) if defined, the memcached server(s) to use for cacheing. It will be ignored if Swift MemcacheRing is used instead. * ``token_cache_time``: (optional, default 300 seconds) Set to -1 to disable caching completely. @@ -391,7 +405,7 @@ Memcache Protection When using memcached, we are storing user tokens and token validation information into the cache as raw data. Which means that anyone who -has access to the memcache servers can read and modify data stored +has access to the memcached servers can read and modify data stored there. To mitigate this risk, ``auth_token`` middleware provides an option to authenticate and optionally encrypt the token data stored in the cache. |