On 11/27/2013 05:21 PM, Georgy Okrokvertskhov wrote: > Hi, > > I am working on the user-authentication BP implementation. I need to > introduce a new configuration option for enable or disable keystone > authentication for incoming request. I am looking for a right place for > this option. > > The current situation is that we have two places for configuration, one > is oslo.config and second one is a pecan configuration. My initial > intension was to add all parameters to solum.conf file like it is done > for nova. Keystone middleware anyway use oslo.config for keystone > connection parameters. > At the same time there are projects (Ceilometer and Ironic) which have > enable_acl parameter as a part of pecan config. > > From my perspective it is not reasonable to have authentication options > in two different places. I would rather use solum.conf for all > parameters and limit pecan config usage to pecan specific options. > > I am looking for your input on this.
I noticed that it's in the pecan app config for ceilometer, and that's why I suggested that here. It makes sense to me. It's logically similar to configuring the pipelines in api-paste.ini for other projects, such as nova, to include or not include the keystone middleware. -- Russell Bryant _______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
