On 11 September 2014 03:17, Angus Lees <[email protected]> wrote: > (As inspired by eg kerberos) > 2. Ensure at some environmental/top layer that the advertised token lifetime > exceeds the timeout set on the request, before making the request. This > implies (since there's no special handling in place) failing if the token was > expired earlier than expected.
We've a related problem in cinder (cinder-backup uses the user's token to talk to swift, and the backup can easily take longer than the token expiry time) which could not be solved by this, since the time the backup takes is unknown (compression, service and resource contention, etc alter the time by multiple orders of magnitude) _______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
