On Tue, Aug 11, 2015 at 08:24:10PM -0600, Matt Fischer wrote: > It was covered some here: > http://lists.openstack.org/pipermail/openstack-dev/2015-July/069658.html > and some graphs here: http://www.mattfischer.com/blog/?p=672 > > tl;dr is that having revoked tokens affects keystone token validation and > tokens are validated on almost every API call unless you're using some > caching. > > It's not a reason to skip this idea, but its something I'm wary of since I > get the call whenever Keystone gets slow. Depending on how many revocations > it generates, I might turn it off. To be honest I'm not sure how much this > feature is used by our customers.
Thanks. I *think* we're talking about very different tokens. Stupid overloading of jargon :( The consoleauth token doesn't go near keystone. I'll double check and get back to you. Yours Tony.
pgpruyEZDD5lG.pgp
Description: PGP signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
