Actions
Feature #9493
closedAbility to disable keystone revocation polling when using UUID keystone provider
% Done:
0%
Source:
other
Tags:
Backport:
jewel, kraken
Reviewed:
Affected Versions:
Pull request ID:
Description
When using a UUID keystone provider revocation is handled by deleting the token from the persistence backend (ie. no revocation lists). If rgw is using keystone authentication rgw_keystone_revocation_interval can be set to an arbitrary period, but it does not seem to have a means of disabling revocation entirely. Ideally there should be another tunable, or rgw_keystone_revocation_interval should allow being set to 0 or -1 to disable revocation polling.
Updated by Marcus Watts about 7 years ago
I've created a pull request that addresses this: https://github.com/ceph/ceph/pull/14501
Updated by Marcus Watts about 7 years ago
- Status changed from New to Pending Backport
- Assignee changed from Yehuda Sadeh to Marcus Watts
- Target version set to v10.2.8
Updated by Marcus Watts about 7 years ago
Jewel backport is in this PR
https://github.com/ceph/ceph/pull/14789
Updated by Nathan Cutler about 7 years ago
- Related to Feature #19499: rgw: implement support for OS-REVOKE extension of OpenStack Identity API v3 added
Updated by Nathan Cutler about 7 years ago
- Status changed from Pending Backport to Resolved
The PR is already being backported at #19499 - we don't need to flag it twice.
Updated by Nathan Cutler almost 7 years ago
- Copied to Backport #19777: kraken: rgw: implement support for OS-REVOKE extension of OpenStack Identity API v3 added
Updated by Nathan Cutler almost 7 years ago
- Copied to Backport #19772: jewel: rgw: swift: disable revocation thread under certain circumstances added
Updated by Nathan Cutler almost 7 years ago
- Status changed from Resolved to Pending Backport
- Target version deleted (
v10.2.8)
Updated by Nathan Cutler almost 7 years ago
- Status changed from Pending Backport to Resolved
Actions