This sounds like something that was discussed during the PTG. The oslo team was exploring ways to implement this, which would be consumable to keystonemiddleware as a library [0].
[0] https://etherpad.openstack.org/p/oslo-ptg-queens On 10/11/2017 07:43 AM, pnkk wrote: > Hi, > > We have our API server(based on pyramid) integrated with keystone for > AuthN/AuthZ. > So our service has a *.conf file which has [keystone_authtoken] > section that defines all the stuff needed for registering to keystone. > > WSGI pipeline will first get filtered with keystone auth token and > then get into our application functionality. > > Now as part of hardening, we want to save an encrypted password(admin > password) in the conf file. > Where should I put the decryption logic so it gets passed to the > middleware in the needed format? > > Appreciate your help! > > Thanks, > Kanthi > > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
signature.asc
Description: OpenPGP digital signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev