I'm not seeing where CONF.trove_auth_url is used. I understand that we pass it to the clients but, from what I can tell, the clients don't use that value except in the event of a token expiration. And as SlickNik pointed out, we can't handle a token expiration anyway as we don't have credentials to re-submit.
Trove passes each client its endpoint aka bypass_url aka management_url aka preauthurl so the client doesn't need to contact Keystone. And Trove gets the endpoints from CONF.*_url or from the Keystone service catalog. The service catalog from Keystone is injected into the request by the keystone client middleware after it authenticates the incoming token. So the only place where Trove needs Keystone is api-paste.ini. Am I missing something?
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
