From 4f7c44a9d7921849da0f3eecd23c26b65ec71435 Mon Sep 17 00:00:00 2001
From: Tim Burke <tim.burke@gmail.com>
Date: Tue, 2 Jul 2019 11:21:33 -0700
Subject: [PATCH] Add information about secret_cache_duration to sample config

Related-Change-Id: Id0c01da6aa6ca804c8f49a307b5171b87ec92228
Change-Id: Ica740c28b47aa3f3b38dbfed4a7f5662ec46c2c4
---
 etc/proxy-server.conf-sample | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/etc/proxy-server.conf-sample b/etc/proxy-server.conf-sample
index 5f9712e00b..e0cb65717c 100644
--- a/etc/proxy-server.conf-sample
+++ b/etc/proxy-server.conf-sample
@@ -604,6 +604,20 @@ http_timeout = 10.0
 # You can override the default log routing for this filter here:
 # log_name = s3token
 
+# Secrets may be cached to reduce latency for the client and load on Keystone.
+# Set this to some number of seconds greater than zero to enable caching.
+# secret_cache_duration = 0
+
+# Secret caching requires Keystone credentials similar to the authtoken middleware;
+# these credentials require access to view all project credentials.
+# auth_url = http://keystonehost:35357
+# auth_plugin = password
+# project_domain_id = default
+# project_name = service
+# user_domain_id = default
+# username = swift
+# password = password
+
 [filter:healthcheck]
 use = egg:swift#healthcheck
 # An optional filesystem path, which if present, will cause the healthcheck