Validation of paramaters during Create User
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Medium
|
Lance Bragstad |
Bug Description
Affected version 2012.1 (essex/stable)
In addition to the fixes made by https:/
the following validations should also be made while user creation. Currently there are no checks or
error responses returned for the following scenarios.
1. User with an empty name should not be created.
2. User with an empty password should not be created
3. Email format should be validated while creating a user (currently email addresses such as '12345' are accepted by the API)
4. User having password exceeding max length should not be created - There needs to be a password length limit defined.
The password belongs to a TEXT type field and can be injected with huge number of characters (atleast 64K).
I could create a user with a password of 256 characters.
The fixes made to https:/
Changed in keystone: | |
status: | Triaged → Confirmed |
tags: | added: tempest |
Changed in keystone: | |
assignee: | nobody → Adam Young (ayoung) |
Changed in keystone: | |
assignee: | Adam Young (ayoung) → nobody |
Changed in keystone: | |
assignee: | nobody → Juan Antonio Osorio Robles (juan-osorio-robles) |
Changed in keystone: | |
assignee: | Juan Antonio Osorio Robles (juan-osorio-robles) → nobody |
Changed in keystone: | |
assignee: | Lance Bragstad (lbragstad) → Lin Hua Cheng (lin-hua-cheng) |
Changed in keystone: | |
assignee: | Lin Hua Cheng (lin-hua-cheng) → Lance Bragstad (lbragstad) |
Changed in keystone: | |
assignee: | Lance Bragstad (lbragstad) → Lin Hua Cheng (lin-hua-cheng) |
Changed in keystone: | |
assignee: | Lin Hua Cheng (lin-hua-cheng) → Lance Bragstad (lbragstad) |
Changed in keystone: | |
assignee: | Lance Bragstad (lbragstad) → Brant Knudson (blk-u) |
Changed in keystone: | |
assignee: | Brant Knudson (blk-u) → Lance Bragstad (lbragstad) |
Changed in keystone: | |
milestone: | none → liberty-1 |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
milestone: | liberty-1 → 8.0.0 |
Rohit - as this is describing new functionality that will take more than a single commit to make, I suggest you create a blueprint in Keystone to cover this work.