search

osvt / patron

Patron - Access Control as a Service for OpenStack
171 stars 4 forks source link

Attaching the AEM middleware to the Nova and Neutron services #1

Open Oqaily opened 6 years ago

Oqaily commented 6 years ago

I was trying to run the code uploaded on github using OpenStack Mitaka release, I successfully downloaded the patron service on the control node, and then attached the AEM middleware to the Nova and Neutron services. However, I don't think that the middleware is working as its supposed to be. I think maybe I didn't attach it correctly, can you please show how to attach AEM middleware to OpenStack services?

following are the steps I followed to attach the midddleware to both the Nova and Neutron services: -in the Nova api-paste.ini file I added the following lines:

  1. in the Nova's WSGI pipeline
[composite:openstack_compute_api_legacy_v2]

use = call:nova.api.auth:pipeline_factory

.

.

keystone_nolimit = cors compute_req_id faultwrap sizelimit authtoken keystonecontext patron_verify osapi_compute_app_v2

[filter:patron_verify]

paste.filter_factory = patron.aem.patron_verify:PatronVerify.factory
  1. in the Neutron's WSGI pipeline
[composite:neutronapi_v2_0]

use = call:neutron.auth:pipeline_factory

noauth = cors http_proxy_to_wsgi request_id catch_errors extensions neutronapiapp_v2_0

keystone = cors http_proxy_to_wsgi request_id catch_errors authtoken keystonecontext extensions neutronapiapp_v2_0

keystone_nolimit = cors http_proxy_to_wsgi request_id catch_errors authtoken keystonecontext extensions patron_verify neutronapiapp_v2_0

[filter:patron_verify]

paste.filter_factory = patron.aem.patron_verify:PatronVerify.factory
hsluoyz commented 6 years ago

Can you debug AEM? Like adding print to AEM, see if the string is printed out?

hsluoyz commented 6 years ago

And try to see how other filters are attached, maybe the version of AEM is not compatible with your version.

Oqaily commented 6 years ago

I tried to add print(" Middleware test "), and also tried to add LOG.info("middleware test"), but it seems that the middlware is not called at all

hsluoyz commented 6 years ago

If I remember right, OSM framework is developed under OpenStack Juno release. So the interface may have changed in the Mitaka release. I think you need to refer to how latest middleware is setup for Mitaka release, then port OSM to Mitaka to make it work.