OpenStack Identity (keystone)

swift_auth middleware does not allow non-authenticated access allow via referrer

Bug #924578 reported by Liem Nguyen
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Fix Released
Wishlist
Maru Newby
OpenStack Identity (keystone) 2012.1 "essex"
keystone (Ubuntu)
Fix Released
Undecided
Unassigned
Precise
Fix Released
Undecided
Unassigned

Bug Description

FYI... HP can help with the implementation for this missing feature.

Revision history for this message
Guang Yee (guang-yee) wrote :

Please feel free to assign it to me once it is confirmed.

Joseph Heck (heckj)
tags: added: legacy
Revision history for this message
Guang Yee (guang-yee) wrote :

This bug still applicable to KSL.

Dolph Mathews (dolph)
Changed in keystone:
importance: Undecided → Wishlist
Joseph Heck (heckj)
tags: added: blueprint
Changed in keystone:
status: New → Triaged
Maru Newby (maru)
Changed in keystone:
assignee: nobody → Maru Newby (maru)
assignee: Maru Newby (maru) → nobody
Maru Newby (maru)
Changed in keystone:
assignee: nobody → Maru Newby (maru)
Revision history for this message
Maru Newby (maru) wrote :

I have a patch that resolves this bug and it will be submitted for review once a related change is approved:

https://review.openstack.org/#change,5595

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/5603

Changed in keystone:
status: Triaged → In Progress
Maru Newby (maru)
tags: added: essex-rc-potential
Joseph Heck (heckj)
Changed in keystone:
milestone: none → essex-rc2
Thierry Carrez (ttx)
tags: removed: essex-rc-potential
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/5603
Committed: http://github.com/openstack/keystone/commit/6ec1782dcc13b77eba14d7ff1ace6c9bca997dc5
Submitter: Jenkins
Branch: master

commit 6ec1782dcc13b77eba14d7ff1ace6c9bca997dc5
Author: Maru Newby <email address hidden>
Date: Tue Mar 20 22:19:36 2012 -0700

    Add support to swift_auth for tokenless authz

     * Updates keystone.middleware.swift_auth to allow token-less
       (unauthenticated) access for container sync (bug 954030) and
       permitted referrers (bug 924578).

    Change-Id: Ieccf458c44dfe55f546dc15c79704800dad59ac0

Changed in keystone:
status: In Progress → Fix Committed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (milestone-proposed)

Fix proposed to branch: milestone-proposed
Review: https://review.openstack.org/6177

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (milestone-proposed)

Reviewed: https://review.openstack.org/6177
Committed: http://github.com/openstack/keystone/commit/89e8dc075151acc85d8c4f8972d3910c7f33bd25
Submitter: Jenkins
Branch: milestone-proposed

commit 89e8dc075151acc85d8c4f8972d3910c7f33bd25
Author: Maru Newby <email address hidden>
Date: Tue Mar 20 22:19:36 2012 -0700

    Add support to swift_auth for tokenless authz

     * Updates keystone.middleware.swift_auth to allow token-less
       (unauthenticated) access for container sync (bug 954030) and
       permitted referrers (bug 924578).

    Change-Id: Ieccf458c44dfe55f546dc15c79704800dad59ac0

Changed in keystone:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in keystone:
milestone: essex-rc2 → 2012.1
Chuck Short (zulcss)
Changed in keystone (Ubuntu Precise):
status: New → Fix Released
Chuck Short (zulcss)
Changed in keystone (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.