diff --git a/swift/common/middleware/keystoneauth.py b/swift/common/middleware/keystoneauth.py index b50f77cf14..0367b3b76f 100644 --- a/swift/common/middleware/keystoneauth.py +++ b/swift/common/middleware/keystoneauth.py @@ -196,7 +196,7 @@ class KeystoneAuth(object): conf.get('allow_names_in_acls', 'true')) def __call__(self, environ, start_response): - identity = self._keystone_identity(environ) + env_identity = self._keystone_identity(environ) # Check if one of the middleware like tempurl or formpost have # set the swift.authorize_override environ and want to control the @@ -207,14 +207,13 @@ class KeystoneAuth(object): self.logger.debug(msg) return self.app(environ, start_response) - if identity: - self.logger.debug('Using identity: %r', identity) - environ['keystone.identity'] = identity - environ['REMOTE_USER'] = identity.get('tenant') - env_identity = self._integral_keystone_identity(environ) + if env_identity: + self.logger.debug('Using identity: %r', env_identity) + environ['REMOTE_USER'] = env_identity.get('tenant') + environ['keystone.identity'] = env_identity environ['swift.authorize'] = functools.partial( self.authorize, env_identity) - user_roles = (r.lower() for r in identity.get('roles', [])) + user_roles = (r.lower() for r in env_identity.get('roles', [])) if self.reseller_admin_role in user_roles: environ['reseller_request'] = True else: 
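Review bot: In `__call__` (the `@@ -207` hunk), `environ['keystone.identity']` now holds the dict that was previously passed only to `self.authorize`, so its shape changes for every later WSGI component. `'user'` becomes the `(HTTP_X_USER_ID, HTTP_X_USER_NAME)` tuple instead of the name string, and, judging by the expected dicts in the tests, the dict gains keys such as `user_domain`, `project_domain` and `auth_version`. A consumer that compares `environ['keystone.identity']['user']` with a user name will silently stop matching, which is risky if that comparison feeds an access or audit decision. The removed comment announced this switch and nothing replaces it, so I would add above the assignment `# NOTE: 'user' is an (id, name) tuple here; consumers must not treat it as a name string` and record the change in the release notes. `__call__` starts and ends outside the hunk.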
@@ -238,26 +237,11 @@ class KeystoneAuth(object): def _keystone_identity(self, environ): """Extract the identity from the Keystone auth component.""" - # In next release, we would add user id in env['keystone.identity'] by - # using _integral_keystone_identity to replace current - # _keystone_identity. The purpose of keeping it in this release it for - # back compatibility. if (environ.get('HTTP_X_IDENTITY_STATUS') != 'Confirmed' or environ.get( 'HTTP_X_SERVICE_IDENTITY_STATUS') not in (None, 'Confirmed')): return roles = list_from_csv(environ.get('HTTP_X_ROLES', '')) - identity = {'user': environ.get('HTTP_X_USER_NAME'), - 'tenant': (environ.get('HTTP_X_TENANT_ID'), - environ.get('HTTP_X_TENANT_NAME')), - 'roles': roles} - return identity - - def _integral_keystone_identity(self, environ): - """Extract the identity from the Keystone auth component.""" - if environ.get('HTTP_X_IDENTITY_STATUS') != 'Confirmed': - return - roles = list_from_csv(environ.get('HTTP_X_ROLES', '')) service_roles = list_from_csv(environ.get('HTTP_X_SERVICE_ROLES', '')) identity = {'user': (environ.get('HTTP_X_USER_ID'), environ.get('HTTP_X_USER_NAME')), diff --git a/test/unit/common/middleware/test_keystoneauth.py b/test/unit/common/middleware/test_keystoneauth.py index 24dd1a0d8d..a81565119d 100644 --- a/test/unit/common/middleware/test_keystoneauth.py +++ b/test/unit/common/middleware/test_keystoneauth.py @@ -582,7 +582,7 @@ class BaseTestAuthorize(unittest.TestCase): user_domain_id) token_info = _fake_token_info(version=auth_version) env.update({'keystone.token_info': token_info}) - return self.test_auth._integral_keystone_identity(env) + return self.test_auth._keystone_identity(env) class TestAuthorize(BaseTestAuthorize): 
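Review bot: The merged `_keystone_identity` (the `@@ -238` hunk) keeps a one-line docstring that does not say when it returns `None`, although that condition is the gate in front of `authorize`. The docstring should state that `HTTP_X_IDENTITY_STATUS` must be `'Confirmed'`, that `HTTP_X_SERVICE_IDENTITY_STATUS` must be absent or `'Confirmed'`, and that the result is either `None` or the identity dict. Because `service_roles` is still read from `HTTP_X_SERVICE_ROLES` when the service status header is absent, I would also add on that line `# relies on the upstream auth middleware removing client-supplied X-Service-Roles`. That reliance is not visible in this hunk and should be confirmed before the comment is written as fact. The function body continues past the end of the hunk.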
@@ -604,7 +604,7 @@ class TestAuthorize(BaseTestAuthorize): req = self._make_request(path, headers=headers, environ=default_env) req.acl = acl - env_identity = self.test_auth._integral_keystone_identity(req.environ) + env_identity = self.test_auth._keystone_identity(req.environ) result = self.test_auth.authorize(env_identity, req) # if we have requested an exception but nothing came back then @@ -912,25 +912,6 @@ class TestAuthorize(BaseTestAuthorize): self._check_authenticate(acl=acl, identity=id, env=env) def test_keystone_identity(self): - user_name = 'U_NAME' - project = ('P_ID', 'P_NAME') - roles = ('ROLE1', 'ROLE2') - - req = Request.blank('/v/a/c/o') - req.headers.update({'X-Identity-Status': 'Confirmed', - 'X-Roles': ' %s , %s ' % roles, - 'X-User-Name': user_name, - 'X-Tenant-Id': project[0], - 'X-Tenant-Name': project[1]}) - - expected = {'user': user_name, - 'tenant': project, - 'roles': list(roles)} - data = self.test_auth._keystone_identity(req.environ) - - self.assertEqual(expected, data) - - def test_integral_keystone_identity(self): user = ('U_ID', 'U_NAME') roles = ('ROLE1', 'ROLE2') service_roles = ('ROLE3', 'ROLE4') @@ -940,7 +921,7 @@ class TestAuthorize(BaseTestAuthorize): # no valid identity info in headers req = Request.blank('/v/a/c/o') - data = self.test_auth._integral_keystone_identity(req.environ) + data = self.test_auth._keystone_identity(req.environ) self.assertEqual(None, data) # valid identity info in headers, but status unconfirmed @@ -954,7 +935,7 @@ class TestAuthorize(BaseTestAuthorize): 'X-User-Domain-Name': user_domain[1], 'X-Project-Domain-Id': project_domain[0], 'X-Project-Domain-Name': project_domain[1]}) - data = self.test_auth._integral_keystone_identity(req.environ) + data = self.test_auth._keystone_identity(req.environ) self.assertEqual(None, data) # valid identity info in headers, no token info in environ 
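Review bot: In `test_keystone_identity` (the `@@ -912`, `@@ -940` and `@@ -954` hunks), the visible negative cases cover only a missing or unconfirmed `X-Identity-Status`; none sets `X-Service-Identity-Status` to a value other than `Confirmed`. The merged helper rejects such a request, and that rejection is what keeps unvalidated service roles out of the identity handed to `authorize`, so it deserves an explicit case. For example, set the header to `'Invalid'` alongside valid user headers and check `self.assertIsNone(self.test_auth._keystone_identity(req.environ))`. The test body spans several hunks and continues beyond them, so such a case may already exist outside what is shown here.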
@@ -966,7 +947,7 @@ class TestAuthorize(BaseTestAuthorize): 'user_domain': (None, None), 'project_domain': (None, None), 'auth_version': 0} - data = self.test_auth._integral_keystone_identity(req.environ) + data = self.test_auth._keystone_identity(req.environ) self.assertEqual(expected, data) # v2 token info in environ @@ -978,7 +959,7 @@ class TestAuthorize(BaseTestAuthorize): 'user_domain': (None, None), 'project_domain': (None, None), 'auth_version': 2} - data = self.test_auth._integral_keystone_identity(req.environ) + data = self.test_auth._keystone_identity(req.environ) self.assertEqual(expected, data) # v3 token info in environ @@ -990,7 +971,7 @@ class TestAuthorize(BaseTestAuthorize): 'user_domain': user_domain, 'project_domain': project_domain, 'auth_version': 3} - data = self.test_auth._integral_keystone_identity(req.environ) + data = self.test_auth._keystone_identity(req.environ) self.assertEqual(expected, data) # service token in environ @@ -1002,7 +983,7 @@ class TestAuthorize(BaseTestAuthorize): 'user_domain': user_domain, 'project_domain': project_domain, 'auth_version': 3} - data = self.test_auth._integral_keystone_identity(req.environ) + data = self.test_auth._keystone_identity(req.environ) self.assertEqual(expected, data) def test_get_project_domain_id(self):