According to Morgan, we're 40 days from dropping support for eventlet
completely, so adding a new configuration option wouldn't provide much
benefit.
In addition, the length of PKI tokens is a widely known issue that has
gone largely unaddressed (besides the introduction of PKIZ as a
compressed alternative). Switching to either UUID or Fernet is the
recommended workaround.
** Tags added: pki
** Tags added: eventlet
** Changed in: keystone
Status: In Progress => Invalid
** Changed in: keystone
Status: Invalid => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1491817
Title:
Revoking large token fails with "Request-URI Too Long (HTTP 414)"
Status in Keystone:
Won't Fix
Bug description:
When running keystone in a eventlet based configuration in a setup
with a lot of (long) endpoints defined I ran into tempest failures.
It turns out that when it tries to revoke some keystone tokens in e.g.
the api/identity/admin/v2/test_roles_negative.py tests the resulting
request URI for the v2 API (DELETE /v2.0/tokens/<pki-token>) was too
long for eventlet's defaults and there is currently no way to change
that limit in keystone.conf.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1491817/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
