Project

General

Profile

Feature #9493

Ability to disable keystone revocation polling when using UUID keystone provider

Added by Kyle Bader over 2 years ago. Updated 28 days ago.

Status:
Resolved
Priority:
High
Assignee:
Target version:
Start date:
09/16/2014
Due date:
% Done:

0%

Source:
other
Tags:
Backport:
Reviewed:
User Impact:
Affected Versions:
Release:
Needs Doc:
No

Description

When using a UUID keystone provider revocation is handled by deleting the token from the persistence backend (ie. no revocation lists). If rgw is using keystone authentication rgw_keystone_revocation_interval can be set to an arbitrary period, but it does not seem to have a means of disabling revocation entirely. Ideally there should be another tunable, or rgw_keystone_revocation_interval should allow being set to 0 or -1 to disable revocation polling.

https://bugzilla.redhat.com/show_bug.cgi?id=1142424


Related issues

Related to Feature #19499: rgw: implement support for OS-REVOKE extension of OpenStack Identity API v3 Pending Backport 04/05/2017

History

#1 Updated by Yehuda Sadeh over 2 years ago

  • Tracker changed from Bug to Feature

#2 Updated by Marcus Watts about 1 month ago

I've created a pull request that addresses this: https://github.com/ceph/ceph/pull/14501

#3 Updated by Marcus Watts 28 days ago

  • Status changed from New to Pending Backport
  • Assignee changed from Yehuda Sadeh to Marcus Watts
  • Target version set to v10.2.8

#4 Updated by Marcus Watts 28 days ago

Jewel backport is in this PR
https://github.com/ceph/ceph/pull/14789

#5 Updated by Nathan Cutler 28 days ago

  • Related to Feature #19499: rgw: implement support for OS-REVOKE extension of OpenStack Identity API v3 added

#6 Updated by Nathan Cutler 28 days ago

  • Status changed from Pending Backport to Resolved

The PR is already being backported at #19499 - we don't need to flag it twice.

Also available in: Atom PDF