subject:"\[openstack\-dev\] \[Keystone\]\[Token expiration\]"

Re: [openstack-dev] [Keystone][Token expiration]

2017-04-10 Thread lương hữu tuấn

Thanks Dolph, I now have a pretty clear picture about it. Br, Tuan/Nokia On Mon, Apr 10, 2017 at 2:58 PM, Dolph Mathews wrote: > The token itself is still expired, regardless of where it's persisted, if > at all. Expired tokens are only considered valid when

Re: [openstack-dev] [Keystone][Token expiration]

2017-04-10 Thread Dolph Mathews

The token itself is still expired, regardless of where it's persisted, if at all. Expired tokens are only considered valid when presented as an X-Auth-Token to keystonemiddleware.auth_token along with a valid X-Service-Token, or when validating an X-Subject-Token against keystone directly using

Re: [openstack-dev] [Keystone][Token expiration]

2017-04-03 Thread lương hữu tuấn

Hi Dolph, Thanks for reply, it means that from the db point of view, token is expired but it is still passed to other service users in request (token stored in memory?) and keystone allows this expired token? And to make this feature working, we should apply the header of "X-Service-Token" and

Re: [openstack-dev] [Keystone][Token expiration]

2017-04-03 Thread Dolph Mathews

> does it mean that the token now will live forever No; it behaves as described in the document you linked. If you have any specific security concerns, please raise them appropriately (such as a security bug, if necessary). On Mon, Apr 3, 2017 at 5:27 AM lương hữu tuấn

Re: [openstack-dev] [Keystone][Token expiration]

Re: [openstack-dev] [Keystone][Token expiration]

Re: [openstack-dev] [Keystone][Token expiration]

Re: [openstack-dev] [Keystone][Token expiration]

4 matches

Site Navigation

Mail list logo

Footer information