gholt
commented
9 years ago Seems fine to me. The previous thought behind the two or more auth systems use case was that each would use different reseller prefixes, but I suppose this would allow Keystone and Swauth to use the same prefixes. It could get confusing when tracking logs and usage trying to determine which system authorized which request; but that should only be a problem with those that configure their systems to do so.
It would be nice if swauth could be used with keystone at the same time, because keystone does not provide local users within an account (all users are global). The creation of external users (which do not have to be stored in the keystone database / ldap) would be easily doable.
A quick solution is to add in line 195 in middleware.py: