diff --git a/etc/sample_libra.cfg b/etc/sample_libra.cfg
index b0dd3ab2..4bdb6315 100644
--- a/etc/sample_libra.cfg
+++ b/etc/sample_libra.cfg
@@ -78,8 +78,6 @@ db_user=root
 db_pass=passwd
 db_schema=lbaas
 gearman=127.0.0.1:4730
-keystone_host=keystone.server.com
-keystone_port=35357
-keystone_protocol=https
-keystone_certfile=certfile.key
-keystone_keyfile=keyfile.key
+
+# Keystone options go here
+[keystone]
diff --git a/libra/api/acl.py b/libra/api/acl.py
index f02ef340..82f92625 100644
--- a/libra/api/acl.py
+++ b/libra/api/acl.py
@@ -12,19 +12,18 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
-from keystoneclient.middleware import auth_token
+import ConfigParser
+import importlib
 
 
 def install(app, args):
     """Install ACL check on application."""
-    conf = {
-        'auth_host': args.keystone_host,
-        'auth_port': args.keystone_port,
-        'auth_protocol': args.keystone_protocol,
-        'certfile': args.keystone_certfile,
-        'keyfile': args.keystone_keyfile
-    }
-    return auth_token.AuthProtocol(app, conf)
+    config = ConfigParser.SafeConfigParser()
+    config.read([args.config])
+    module_details = args.keystone_module.split(':')
+    keystone = importlib.import_module(module_details[0])
+    auth_class = getattr(keystone, module_details[1])
+    return auth_class(app, config._sections['keystone'])
 
 
 def get_limited_to_project(headers):
diff --git a/libra/api/app.py b/libra/api/app.py
index 0338b2a9..76b46ae6 100644
--- a/libra/api/app.py
+++ b/libra/api/app.py
@@ -107,19 +107,9 @@ def main():
         help='Gearman job servers'
     )
     options.parser.add_argument(
-        '--keystone_host', help='Keystone host'
-    )
-    options.parser.add_argument(
-        '--keystone_port', help='Keystone port', type=int
-    )
-    options.parser.add_argument(
-        '--keystone_protocol', help='Keystone protocol', default='https'
-    )
-    options.parser.add_argument(
-        '--keystone_certfile', help='Keystone certificate file'
-    )
-    options.parser.add_argument(
-        '--keystone_keyfile', help='Keystone key file'
+        '--keystone_module',
+        default='keystoneclient.middleware.auth_token:AuthProtocol',
+        help='A colon separated module and class for keystone middleware'
     )
 
     args = options.run()
@@ -127,11 +117,6 @@ def main():
     required_args = [
         'db_user', 'db_pass', 'db_host', 'db_schema'
     ]
-    if not args.disable_keystone:
-        required_args = required_args + [
-            'keystone_host', 'keystone_port', 'keystone_certfile',
-            'keystone_keyfile'
-        ]
 
     missing_args = 0
     for req in required_args:
diff --git a/requirements.txt b/requirements.txt
index f2fabced..154aea6b 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -10,4 +10,3 @@ pecan
 sqlalchemy>=0.8.0
 wsme>=0.5b2
 MySQL-python
-python-keystoneclient>=0.2.3