Keystone ignores role_allow_update parameter for LDAP
Bug #1373256 reported by
Dmitry Ukov
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mirantis OpenStack |
Invalid
|
Medium
|
MOS Keystone | ||
5.0.x |
Won't Fix
|
Medium
|
MOS Keystone | ||
5.1.x |
Won't Fix
|
Medium
|
MOS Keystone | ||
6.0.x |
Won't Fix
|
Medium
|
MOS Keystone | ||
6.1.x |
Won't Fix
|
Medium
|
MOS Keystone | ||
7.0.x |
Invalid
|
Medium
|
MOS Keystone |
Bug Description
Keystone is configured to use LDAP as backend. Option role_allow_update is set to "False". User to authenticate against LDAP has access to modify objects. Execute 'keystone user-role-add' and result will be successful (HTTP 200 or HTTP 201). User will be added in appropriate group in LDAP
summary: |
- Keystone ignores role_allow_update parameter for lDAP + Keystone ignores role_allow_update parameter for LDAP |
Changed in mos: | |
status: | Incomplete → Confirmed |
importance: | Undecided → Medium |
assignee: | nobody → MOS Keystone (mos-keystone) |
tags: | added: keystone |
Changed in mos: | |
status: | Confirmed → Won't Fix |
Changed in mos: | |
milestone: | 6.0.1 → 7.0 |
Changed in mos: | |
status: | Triaged → Invalid |
tags: | added: wontfix-low |
To post a comment you must log in.
Dmitry, please specify which version of MOS do you use. Preferably get output of http://<fuel-master- node>/api/ version