c22f2edeb7
This eliminates the need to do a get on each token in the user's index on token issuance. This change will change the maximum number of tokens that can be outstanding for a given user. This change is two-fold, first instead of using JSON to store the token IDs, the python list structure is being stored in memcached; second the expiry for the token is also stored in the list. The net result is that fewer tokens can be stored in the user's token index list due to an increase in data being stored per token in the index page. The new logic will attempt to upgrade the old json-style lists to the new format of [(token_id, expiry), ...] stored as a native python object in the memcache backend. This conversion will keep any outstanding tokens in the list from (<time_of_conversion> + <configured expiration of tokens>). This is done to ensure that tokens can still be invalidated by operations that invalidate tokens based upon user/project/trust/etc changes without causing potential lockups in keystone trying to retrieve all of the actual token expiration times from memcache. Closes-bug: #1251123 Change-Id: Ida39b4699ed6c568609a5121573fc3be5c4ab2f4 |
||
|---|---|---|
| bin | ||
| contrib | ||
| doc | ||
| etc | ||
| examples/pki | ||
| httpd | ||
| keystone | ||
| tools | ||
| .coveragerc | ||
| .gitignore | ||
| .gitreview | ||
| .mailmap | ||
| CONTRIBUTING.rst | ||
| HACKING.rst | ||
| LICENSE | ||
| MANIFEST.in | ||
| README.rst | ||
| babel.cfg | ||
| openstack-common.conf | ||
| requirements.txt | ||
| run_tests.sh | ||
| setup.cfg | ||
| setup.py | ||
| test-requirements.txt | ||
| tox.ini | ||
README.rst
OpenStack Keystone
Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP.
Developer documentation, the source of which is in
doc/source/, is published at:
The API specification is available at:
The API documentation is available at:
The canonical client library is available at:
Documentation for cloud administrators is available at:
The source of documentation for cloud administrators is available at:
Information about our team meeting is available at:
Bugs and feature requests are tracked on Launchpad at:
Future design work is tracked at:
For information on contributing to Keystone, see
CONTRIBUTING.rst.