Merge lp:~vishvananda/nova/keystone-migration-ec2 into lp:~hudson-openstack/nova/trunk
Proposed by
Vish Ishaya
Status: | Merged |
---|---|
Approved by: | Brian Lamar |
Approved revision: | 1423 |
Merged at revision: | 1467 |
Proposed branch: | lp:~vishvananda/nova/keystone-migration-ec2 |
Merge into: | lp:~hudson-openstack/nova/trunk |
Diff against target: |
310 lines (+158/-20) 7 files modified
etc/nova/api-paste.ini (+28/-1) nova/api/auth.py (+75/-0) nova/api/ec2/__init__.py (+49/-4) nova/api/ec2/metadatarequesthandler.py (+1/-0) nova/tests/api/openstack/fakes.py (+3/-2) nova/tests/test_api.py (+2/-1) nova/wsgi.py (+0/-12) |
To merge this branch: | bzr merge lp:~vishvananda/nova/keystone-migration-ec2 |
Related bugs: | |
Related blueprints: |
Finalize Auth integration
(Essential)
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Brian Lamar (community) | Approve | ||
Dan Prince (community) | Approve | ||
Devin Carlen (community) | Needs Information | ||
Review via email: mp+71311@code.launchpad.net |
Description of the change
Next round of prep for keystone integration.
* adds middleware for authenticating ec2 signature with keystone
* adds middleware for converting keystone response into request context
* gives examples of alternative pipelines for keystone integration
Next steps:
* provide default config with no keystone integration (perhaps setting every context to admin?)
* write authmanager to keystone conversion code
* add api extension to create and destroy access/secret keys
* deprecate authmanager
* rename project to tenant
To post a comment you must log in.
A few questions first:
Why include AdminContext middleware if it's not being used? Does it provide any benefit currently?
The KeystoneContext middleware is strikingly similar to the KeystoneAuthShim in keystone/ middleware/ nova_auth_ token.py (in the Keystone project)... is this just another candidate for openstack-common?
Then some nits:
84 +"""
85 +Common Auth Middleware.
86 +
87 +"""
88 +
89 +from nova import context
90 +from nova import flags
91 +from nova import wsgi
92 +import webob.dec
93 +import webob.exc
"""Common Auth Middleware."""
import webob.dec
import webob.exc
from nova import context
from nova import flags
from nova import wsgi
104 + def __init__(self, context, *args, **kwargs):
Can you put a spacer before this?
139 + except:
except KeyError:
204 + except KeyError, e:
No need to specify e.