Service token should not need a tenant
Bug #887877 reported by
Ziad Sawalha
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack Identity (keystone) |
Fix Released
|
Medium
|
Ziad Sawalha | ||
Bug Description
Why is an administrative service token bound to a tenant? In sampledata.py, two changes things should change:
1. There should be an Admin token without a tenant
2. There should be a service identity with the serviceadmin role and a token without a tenant for that identity:
('token', 'add', '999888777666', 'admin', 'customer-x',
('token', 'add', '111222333444', 'serviceadmin', 'customer-x',
| Changed in keystone: | |
| milestone: | none → essex-3 |
| assignee: | nobody → Ziad Sawalha (ziad-sawalha) |
| status: | New → Confirmed |
| importance: | Undecided → Medium |
Revision history for this message
| Openstack Gerrit (openstack-gerrit) wrote Fix merged to keystone (master) | #1 |
| Changed in keystone: | |
| status: | Confirmed → Fix Committed |
| Changed in keystone: | |
| status: | Fix Committed → Fix Released |
| Changed in keystone: | |
| milestone: | essex-3 → 2012.1 |
To post a comment you must log in.
Reviewed: https:/
Committed: http://
Submitter: Jenkins
Branch: master
status fixcommitted
done
commit 0b03a1def22f44d
Author: Ziad Sawalha <email address hidden>
Date: Sat Dec 17 13:57:13 2011 -0600
Support for unscoped admin tokens
- Fixes bug 887877
- Updates to sampledata to not scope admin/serviceadmin tokens to customer-x
- Fix 'undocumented' bug in keystone-manage that fails to handle 'None' correctly for tenant
Change-Id: Iaa7f8897c79ca5