Cannot create a secret when working on a unauthenticated context
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Barbican |
Fix Released
|
Critical
|
John Vrbanac |
Bug Description
Steps to Reproduce:
* Pull down trunk or 8b983b1645a05dd
* Start up a development instance of barbican (No authentication)
* Attempt to create a secret:
curl -X POST -H "Content-Type: application/json" -H "X-Project-Id: bam" -d '{
"name": "AES key",
"expiration": "2015-12-
"algorithm": "aes",
"bit_length": 256,
"mode": "cbc",
"payload": "YmVlcg==",
"payload_
"payload_
}' http://
Actual Response:
{
"code": 403,
"description": "Secret creation attempt not allowed - please review your user/project privileges",
"title": "Forbidden"
}
Expected Response:
{
"secret_ref": "http://
}
Changed in barbican: | |
status: | New → Confirmed |
assignee: | nobody → John Vrbanac (john.vrbanac) |
importance: | Undecided → Critical |
Changed in barbican: | |
milestone: | none → liberty-1 |
Changed in barbican: | |
status: | Fix Committed → Fix Released |
Changed in barbican: | |
milestone: | liberty-1 → 1.0.0 |
Fix proposed to branch: master /review. openstack. org/183391
Review: https:/