OpenStack Identity (keystone)

Keystone should log authentication success

Bug #1320302 reported by Michael Solberg on 2014-05-16

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Invalid	Undecided	Unassigned
	Havana	Fix Released	Wishlist	Nathan Kinder	OpenStack Identity (keystone) 2013.2.4

Bug Description

Some security regulations require the auditing of authentication success. Keystone currently logs authentication failures, but doesn't log when a user successfully gets a token.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-05-16: Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/93975

Changed in keystone:
assignee:	nobody → Michael Solberg (msolberg)
status:	New → In Progress

OpenStack Infra (hudson-openstack) on 2014-05-20

Changed in keystone:
assignee:	Michael Solberg (msolberg) → Nathan Kinder (nkinder)

Alan Pevec (apevec) on 2014-05-20

Changed in keystone:
assignee:	Nathan Kinder (nkinder) → nobody
status:	In Progress → Invalid

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-05-21: Fix proposed to keystone (stable/havana)

Fix proposed to branch: stable/havana
Review: https://review.openstack.org/94517

Revision history for this message

Dolph Mathews (dolph) wrote on 2014-05-22:

In icehouse, keystone emits CADF notifications on all authentication events (except for external & federated identities, I believe).

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-06-02: Change abandoned on keystone (master)

Change abandoned by Morgan Fainberg (<email address hidden>) on branch: master
Review: https://review.openstack.org/93975
Reason: Abandoning, stable/havana change is here: https://review.openstack.org/#/c/94517/