OpenStack Identity (keystone)

Allow for different LDAP scopes when authenticating

Bug #1122181 reported by Ionuț Arțăriși
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Fix Released
Undecided
Ionuț Arțăriși
OpenStack Identity (keystone) 2013.1 "grizzly"

Bug Description

Right now, the LDAP search scopes are hard-coded in keystone/common/ldap/core.py for the get() and get_all() methods. Some LDAP configurations require for e.g. SCOPE_SUBTREE when getting information about a user, but SCOPE_ONELEVEL is hardcoded.

The LDAP scopes should be configurable to allow for more config flexibility.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/21664

Changed in keystone:
assignee: nobody → Ionuț Arțăriși (mapleoin)
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/21664
Committed: http://github.com/openstack/keystone/commit/159ffe48e986e524f5930ad41d376bdce2b6a07e
Submitter: Jenkins
Branch: master

commit 159ffe48e986e524f5930ad41d376bdce2b6a07e
Author: Ionuț Arțăriși <email address hidden>
Date: Mon Feb 11 17:15:23 2013 +0100

    make LDAP query scope configurable

    Get the DN from the LDAP server itself rather than hardcoding its format.

    Fixes bug 1122181

    Change-Id: I6f70c480b5c6f1b064e74d3cbd2cd8ca5ee82b0a

Changed in keystone:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in keystone:
milestone: none → grizzly-3
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in keystone:
milestone: grizzly-3 → 2013.1
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.