On Thu, Mar 03, 2011 at 02:46:13PM -0800, Michael Mayo wrote: > >> This is true. An endpoint list is certainly necessary, but it would be > >> great if I only needed to call that one time instead of every time an auth > >> token expires. > > > > You would probably want to refresh the service list somewhat regularly > > though, so perhaps we can time the refresh rate with the expiration > > time for the token. :) > > Yeah that works fine for the mobile clients I'm building, since their purpose > is to expose a nice UI for every possible OpenStack service available, but > for someone who wants to use a single service (swift only, for example), > there would be no use for ever needing to get a service list, except via curl > one time during development to get the swift endpoint. In that person's > case, a separate auth request is wasteful compared to using HTTP Basic or > request signing.
Sure, then their deployment can use basic auth instead. A default is tough though, since everyone will have different needs. I would probably vote for token if we think folks will be multi-service by default. I'm fine with whatever other folks think is a more appropriate default though, it's really just a guessing game. :) -Eric _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
