Feature #9493
closed
Ability to disable keystone revocation polling when using UUID keystone provider
Added by Kyle Bader over 9 years ago.
Updated almost 7 years ago.
Description
When using a UUID keystone provider revocation is handled by deleting the token from the persistence backend (ie. no revocation lists). If rgw is using keystone authentication rgw_keystone_revocation_interval can be set to an arbitrary period, but it does not seem to have a means of disabling revocation entirely. Ideally there should be another tunable, or rgw_keystone_revocation_interval should allow being set to 0 or -1 to disable revocation polling.
https://bugzilla.redhat.com/show_bug.cgi?id=1142424
- Tracker changed from Bug to Feature
- Status changed from New to Pending Backport
- Assignee changed from Yehuda Sadeh to Marcus Watts
- Target version set to v10.2.8
- Related to Feature #19499: rgw: implement support for OS-REVOKE extension of OpenStack Identity API v3 added
- Status changed from Pending Backport to Resolved
The PR is already being backported at #19499 - we don't need to flag it twice.
- Copied to Backport #19777: kraken: rgw: implement support for OS-REVOKE extension of OpenStack Identity API v3 added
- Copied to Backport #19772: jewel: rgw: swift: disable revocation thread under certain circumstances added
- Status changed from Resolved to Pending Backport
- Target version deleted (
v10.2.8)
- Backport set to jewel, kraken
- Status changed from Pending Backport to Resolved
Also available in: Atom
PDF