Project tokens issued from a saml2 auth are missing inherited group roles
Bug #1389752 reported by
Henry Nash
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
High
|
Henry Nash | ||
Juno |
Fix Released
|
High
|
Brant Knudson |
Bug Description
When building the roles in a Keystone token from a saml2 token, we call assignment_
The implication is that project scoped tokens would not get any group roles that should be inherited from the domain.
tags: | added: juno-backport-potential |
Changed in keystone: | |
milestone: | none → kilo-1 |
Changed in keystone: | |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
milestone: | kilo-1 → 2015.1.0 |
To post a comment you must log in.
This is the "project" equivalent of https:/ /bugs.launchpad .net/keystone/ +bug/1385533, separated out so we can fix them separately.