OpenStack Identity (keystone)

User creation is allowed with empty password

Bug #1520737 reported by Karan Soni
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
New
Undecided
Unassigned

Bug Description

While creating user using keystone command with password option, it does not check if user entered any character for password or not.

steps:
$ keystone user-create --name testing --pass
New Password:
Repeat New Password:
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | 47aa13b9c9354f42be3d92a882f39667 |
| name | testing |
| username | testing |
+----------+----------------------------------+

In 'New Password' press enter without typing any character and same for 'Repeat New Password'

then execute any command using the this user credentials and it will prompt for password, but password is empty so you can not execute any command.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.