Keystone gurus, Can you help put me straight on expected Authentication behaviour when using an LDAP identity backend. In the scenario where a user is granted a token (keystone token-get) should they not be able to make repeated API calls, e.g *glance --os-auth-token xxxxxxx image-list * until the token expires?
I ask as using *tcpdump* I am seeing AuthN traffic between keystone and LDAP each time I execute an API call - a call that includes an unexpired token. I was assuming that by using an unexpired token a user avoids having to make an AuthN call. Is that not the case? Cheers Mike. Am using icehouse with token format set to PKI , caching enabled (memcached )
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
