Configurable token hashing

Provide an option for operator to turn off token
hashing to be performed by horizon.

In some deployment where PKI token format is used
for keystone, token hashing causes issue and results
to 401 error in horizon.

Change-Id: I187b1486db2e453fd49298e1478e30abe97e54fe
Closes-Bug: #1473588
This commit is contained in:
lin-hua-cheng 2015-07-13 15:51:58 -07:00 committed by Lin Hua Cheng
parent ff51ae3a5e
commit ece924a79d
1 changed files with 4 additions and 2 deletions

View File

@ -23,6 +23,7 @@ from openstack_auth import utils
LOG = logging.getLogger(__name__)
_TOKEN_HASH_ENABLED = getattr(settings, 'OPENSTACK_TOKEN_HASH_ENABLED', True)
def set_session_from_user(request, user):
@ -81,8 +82,9 @@ class Token(object):
# Token-related attributes
self.id = auth_ref.auth_token
self.unscoped_token = unscoped_token
if (keystone_cms.is_asn1_token(self.id)
or keystone_cms.is_pkiz(self.id)):
if (_TOKEN_HASH_ENABLED and
(keystone_cms.is_asn1_token(self.id)
or keystone_cms.is_pkiz(self.id))):
algorithm = getattr(settings, 'OPENSTACK_TOKEN_HASH_ALGORITHM',
'md5')
hasher = hashlib.new(algorithm)