Ask Your Question

How to do api token renewal(or expiration extension)

asked 2014-06-06 07:04:47 -0600

akakios gravatar image

updated 2014-06-06 16:37:25 -0600

smaffulli gravatar image

I'm building a custom dashboard(as a replacement to horizon), but I'm having trouble managing token renewal in openstack(Icehouse). My goal is to "extend" a user's session as long as he is doing operations on the dashboard. I had two options:

  1. If the token's expiration is near, generate a token using an existing token and use the new token moving forward -- but the problem with this is that the new token's expiration issued by openstack has the same expiration as the old one.

  2. If the token's expiration is near, revoke the the token, query the user's credentials(i think this was still supported on keystone v2 on havana) through an admin session, and then get a token in behalf of the user and use that moving forward. But i think the ability to get a user's credential's is now not supported.

So, both can't really work -- can anybody point me to the right direction to be able to achieve what I intend to do?

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted

answered 2014-06-10 12:02:28 -0600

Duncan Thomas gravatar image

Cinder would like to be able to do this too, for example during long running backups. I shall watch this question with interest - I've not managed to find anything useful on the subject other than a suggestion 'It might be possible to abuse keystone trusts to get the result desired, but that isn't how trusts are meant to be used'.

edit flag offensive delete link more

answered 2014-06-10 21:33:23 -0600

Keystone doesn't have this feature as of now. But there is a proposal to implement this. Most probably it will be available by Juno release

This use case only handlles Horizion. It is better to check if cinder's use case will be addressed by this extesnion. If not this is the time to provide your feedback.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools



Asked: 2014-06-06 07:04:47 -0600

Seen: 2,558 times

Last updated: Jun 10 '14