Update doc for include_service_catalog with app cred

Code Issues Proposed changes

If swift is used with an Application Credential with access_rules [1],
the catalog needs to be sent with the token for it to be evaluated by
keystonemiddleware.
[1]: https://docs.openstack.org/keystone/2023.1/user/application_credentials.html#access-rules
Change-Id: I0b02821722ffc819bc8a97281a33391072242ffc

This commit is contained in:

Jake Yip

2023年08月11日 13:25:38 +10:00

parent 6444ef9be0

commit 8a2c8b128b

1 changed files with 3 additions and 4 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

7
doc/source/overview_auth.rst

View File

@@ -174,10 +174,9 @@ your situation, but in short:

will get the Swift memcache from the request environment.

* ``include_service_catalog`` defaults to ``True`` if not set. This means

that when validating a token, the service catalog is retrieved

and stored in the ``X-Service-Catalog`` header. Since Swift does not

use the ``X-Service-Catalog`` header, there is no point in getting

the service catalog. We recommend you set ``include_service_catalog``

to ``False``.

and stored in the ``X-Service-Catalog`` header. This is required if you use

access-rules in Application Credentials. You may also need to increase

`max_header_size`.

.. note::

Update doc for include_service_catalog with app cred

7 doc/source/overview_auth.rst Unescape Escape View File

7
doc/source/overview_auth.rst

View File