notification not generated for authentication failure with invalid user name
Bug #1537963 reported by
Thomas Hsiao
This bug affects 3 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack Identity (keystone) |
Fix Released
|
Wishlist
|
Morgan Fainberg | ||
Bug Description
Enable event notification in log mode:
[DEFAULT]
notification_format = cadf
notification_driver = log
Test by "Create a token"
$ openstack token issue
1.[OK] Correct user name and password: an event notification was created with "event_type": "identity.
"outcome": "success"
2. [OK] Correct user name but invalid password: an event notification was also created with "event_type": "identity.
"outcome": "failure"
3. [BUG] Invalid user name: NO event notification was created.
This may cause a security issue.
| Changed in keystone: | |
| assignee: | nobody → Thomas Hsiao (thomas-hsiao) |
Revision history for this message
| Steve Martinelli (stevemar) wrote | #1 |
| Changed in keystone: | |
| importance: | Undecided → Wishlist |
| milestone: | none → mitaka-3 |
| summary: |
- Enent Notification not generated for authentication failure with invalid - user name + notification not generated for authentication failure with invalid user + name |
| Changed in keystone: | |
| status: | New → Triaged |
| Changed in keystone: | |
| milestone: | mitaka-3 → none |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix proposed to keystone (master) | #2 |
| Changed in keystone: | |
| status: | Triaged → In Progress |
| Changed in keystone: | |
| assignee: | Thomas Hsiao (thomas-hsiao) → Guang Yee (guang-yee) |
| tags: | added: notifications |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Change abandoned on keystone (master) | #3 |
Revision history for this message
| Lance Bragstad (lbragstad) wrote | #4 |
| Changed in keystone: | |
| assignee: | Guang Yee (guang-yee) → nobody |
| status: | In Progress → Triaged |
| Changed in keystone: | |
| assignee: | nobody → Colin Best (cbest47) |
| Changed in keystone: | |
| assignee: | Colin Best (cbest47) → nobody |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix proposed to keystone (master) | #8 |
| Changed in keystone: | |
| assignee: | nobody → Morgan Fainberg (mdrnstm) |
| status: | Triaged → In Progress |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to keystone (master) | #9 |
| Changed in keystone: | |
| status: | In Progress → Fix Released |
| Changed in keystone: | |
| milestone: | none → stein-2 |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix included in openstack/keystone 15.0.0.0rc1 | #10 |
To post a comment you must log in.
sounds like it should be fixed, surprised that it isn't already handled.