LDAP Identity Driver does not call delete_user or delete_group on the LDAP assignment api
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
High
|
Brant Knudson |
Bug Description
Likely the call to assignment_
The kvs identity driver does not call delete_user on assignment_api.
The kvs identity driver does not call delete_group on assignment_api.
The ldap identity driver does not call delete_group on assignment_api.
Tests should be added as well to confirm the assignment_api methods are called.
Related: Should delete_user called with the PAM identity driver still call assignment_
description: | updated |
summary: |
- Some Identity Drivers do not call delete_user or delete_group on the - assignment api when expected + LDAP Identity Driver does not call delete_user or delete_group on the + LDAP assignment api |
Changed in keystone: | |
importance: | Undecided → Medium |
status: | New → Confirmed |
milestone: | none → next |
Changed in keystone: | |
assignee: | nobody → Pablo Fernando Cargnelutti (pablo-fernando-cargnelutti) |
tags: | added: ldap |
Changed in keystone: | |
assignee: | Pablo Fernando Cargnelutti (pablo-fernando-cargnelutti) → Morgan Fainberg (mdrnstm) |
Changed in keystone: | |
assignee: | Morgan Fainberg (mdrnstm) → Brant Knudson (blk-u) |
milestone: | next → juno-rc1 |
importance: | Medium → High |
Changed in keystone: | |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
milestone: | juno-rc1 → 2014.2 |
Looking into this further, KVS appears to be a non-issue as it (in most cases) shares a single in-memory DB. Though for correctness, it probably should still do so.