diff options
| author | Jenkins <jenkins@review.openstack.org> | 2014-12-16 02:18:20 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2014-12-16 02:18:20 +0000 |
| commit | 81e48d44ff79d58ec6b983f475ff008c9f7f3b0e (patch) | |
| tree | a4bd02331fe9f20f5b1c6982b156968e3d67ff40 /doc | |
| parent | b9f17e3bbbd901abfafba9fca867bf106ac59478 (diff) | |
| parent | eb251b5af96ba031fbb04de32d9cdec8917b3b23 (diff) | |
| download | python-keystoneclient-81e48d44ff79d58ec6b983f475ff008c9f7f3b0e.tar.gz | |
Merge "Document session usage first"
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/source/using-api-v3.rst | 54 |
1 files changed, 30 insertions, 24 deletions
diff --git a/doc/source/using-api-v3.rst b/doc/source/using-api-v3.rst index d339636..61b2b9d 100644 --- a/doc/source/using-api-v3.rst +++ b/doc/source/using-api-v3.rst @@ -81,11 +81,32 @@ exception it will raise an instance of subclass of ``keystoneclient.exceptions.ClientException`` (see :py:class:`keystoneclient.openstack.common.apiclient.exceptions.ClientException`) -Authenticating -============== +Authenticating Using Sessions +============================= -You can authenticate against Keystone using a username, a user domain -name (which will default to 'Default' if it is not specified) and a +Instantiate a :py:class:`keystoneclient.v3.client.Client` using a +:py:class:`~keystoneclient.session.Session` to provide the authentication +plugin, SSL/TLS certificates, and other data:: + + >>> from keystoneclient.auth.identity import v3 + >>> from keystoneclient import session + >>> from keystoneclient.v3 import client + >>> auth = v3.Password(auth_url='https://my.keystone.com:5000/v3', + ... user_id='myuserid', + ... password='mypassword', + ... project_id='myprojectid') + >>> sess = session.Session(auth=auth) + >>> keystone = client.Client(session=sess) + +For more information on Sessions refer to: `Using Sessions`_. + +.. _`Using Sessions`: using-sessions.html + +Non-Session Authentication (deprecated) +======================================= + +The *deprecated* way to authenticate is to pass the username, the user's domain +name (which will default to 'Default' if it is not specified), and a password:: >>> from keystoneclient import client @@ -97,6 +118,11 @@ password:: ... username=username, password=password, ... user_domain_name=user_domain_name) +A :py:class:`~keystoneclient.session.Session` should be passed to the Client +instead. Using a Session you're not limited to authentication using a username +and password but can take advantage of other more secure authentication +methods. + You may optionally specify a domain or project (along with its project domain name), to obtain a scoped token:: @@ -112,23 +138,3 @@ domain name), to obtain a scoped token:: ... user_domain_name=user_domain_name, ... project_name=project_name, ... project_domain_name=project_domain_name) - -Using Sessions -============== - -It's also possible to instantiate a :py:class:`keystoneclient.v3.client.Client` -class by using :py:class:`keystoneclient.session.Session`.:: - - >>> from keystoneclient.auth.identity import v3 - >>> from keystoneclient import session - >>> from keystoneclient.v3 import client - >>> auth = v3.Password(auth_url='https://my.keystone.com:5000/v3', - ... user_id='myuserid', - ... password='mypassword', - ... project_id='myprojectid') - >>> sess = session.Session(auth=auth) - >>> keystone = client.Client(session=sess) - -For more information on Sessions refer to: `Using Sessions`_. - -.. _`Using Sessions`: using-sessions.html |