Provide option for auth_token middleware to do memcache encryption & integrity check
As we know, memcache servers are not very well protected, which
means anyone have access to them can replace information stored there. Therefore, it would be beneficial for Keystone auth_token middleware to provide an option to either encrypt or hmac the values stored in the memcache.
This feature shall accept two configurable options:
1) memcache_
2) encryption_
the encryption or hmac key
Granted, PKI tokens makes memcache less relevant. But not everyone is ready
to switch over to PKI tokens just yet. So in the short term, memcache
protection is still very useful.
Whiteboard
this has been implemented in keystoneclient; is this bp specifically referring to keystone? -dolph
it is for keystoneclient. We should just close it as implemented. (gyee)