From 1b86380e2e3b2990637d3219ed85da74d70f6371 Mon Sep 17 00:00:00 2001 From: Chmouel Boudjnah Date: Fri, 25 Jan 2013 14:27:08 +0100 Subject: [PATCH] Add generated keystone documentation to misc.rst. - Change a bit the formatting of the documention as well. - Fix WARNING: Title underline too short. in misc.rst. Change-Id: I2f4e36bcb5e01e984f0af0152bc5b3b9f7e942ce --- doc/source/misc.rst | 10 +++++++++- swift/common/middleware/keystoneauth.py | 11 ++++++----- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/doc/source/misc.rst b/doc/source/misc.rst index 5db87d7075..1037672505 100644 --- a/doc/source/misc.rst +++ b/doc/source/misc.rst @@ -44,6 +44,14 @@ TempAuth .. _acls: +KeystoneAuth +============ + +.. automodule:: swift.common.middleware.keystoneauth + :members: + :show-inheritance: + + ACLs ==== @@ -180,7 +188,7 @@ Bulk Operations (Delete and Archive Auto Extraction) :show-inheritance: Container Quotas -============= +================ .. automodule:: swift.common.middleware.container_quotas :members: diff --git a/swift/common/middleware/keystoneauth.py b/swift/common/middleware/keystoneauth.py index b50b448016..296bfb975b 100644 --- a/swift/common/middleware/keystoneauth.py +++ b/swift/common/middleware/keystoneauth.py @@ -40,14 +40,15 @@ class KeystoneAuth(object): If support is required for unvalidated users (as with anonymous access) or for tempurl/formpost middleware, authtoken will need - to be configured with delay_auth_decision set to 1. See the + to be configured with ``delay_auth_decision`` set to 1. See the Keystone documentation for more detail on how to configure the authtoken middleware. In proxy-server.conf you will need to have the setting account auto creation to true:: - [app:proxy-server] account_autocreate = true + [app:proxy-server] + account_autocreate = true And add a swift authorization filter section, such as:: @@ -58,18 +59,18 @@ class KeystoneAuth(object): This maps tenants to account in Swift. The user whose able to give ACL / create Containers permissions - will be the one that are inside the operator_roles + will be the one that are inside the ``operator_roles`` setting which by default includes the admin and the swiftoperator roles. If you need to have a different reseller_prefix to be able to mix different auth servers you can configure the option - reseller_prefix in your keystoneauth entry like this : + ``reseller_prefix`` in your keystoneauth entry like this:: reseller_prefix = NEWAUTH_ Make sure you have a underscore at the end of your new - reseller_prefix option. + ``reseller_prefix`` option. :param app: The next WSGI app in the pipeline :param conf: The dict of configuration values