OpenStack Keystone Charm

Add option to configure default_authorization_ttl

Bug #1970388 reported by Hemanth Nakkina on 2022-04-26

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Keystone Charm	Fix Committed	Undecided	Hemanth Nakkina

Bug Description

In the federated keystone, the roles are not inherited from group membership to the federated users unless the default_authorization_ttl [1] is set to a non zero value.

See bug #1832092 [2] for more details.

This is a wishlist to provide an option in the charm to configure default_athorization_ttl.

[1] https://docs.openstack.org/keystone/latest/configuration/config-options.html#federation.default_authorization_ttl
[2] https://bugs.launchpad.net/keystone/+bug/1832092

Tags:

Hemanth Nakkina (hemanth-n) on 2022-05-16

affects:

charm-keystone-saml-mellon → charm-keystone

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-05-16: Fix proposed to charm-keystone (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/charm-keystone/+/841836

Changed in charm-keystone:
status:	New → In Progress

Hemanth Nakkina (hemanth-n) on 2022-05-16

Changed in charm-keystone:
assignee:	nobody → Hemanth Nakkina (hemanth-n)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-05-16: Fix merged to charm-keystone (master)

Reviewed: https://review.opendev.org/c/openstack/charm-keystone/+/841836
Committed: https://opendev.org/openstack/charm-keystone/commit/f5d9b9ed4095a46be0ba0067ace7bf1c93bdfd8b
Submitter: "Zuul (22348)"
Branch: master

commit f5d9b9ed4095a46be0ba0067ace7bf1c93bdfd8b
Author: Hemanth Nakkina <email address hidden>
Date: Mon May 16 12:02:57 2022 +0530

New option default_authorization_ttl

    Add new option default_authorization_ttl used for
    federation to set validity of group memberships
    coming from a mapping.

Closes-Bug: #1970388
Change-Id: I4a8dbc501e14d1201ceed27077554924c56e3abd

Changed in charm-keystone:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-05-16: Fix proposed to charm-keystone (stable/yoga)

Fix proposed to branch: stable/yoga
Review: https://review.opendev.org/c/openstack/charm-keystone/+/841870

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-05-16: Fix proposed to charm-keystone (stable/xena)

Fix proposed to branch: stable/xena
Review: https://review.opendev.org/c/openstack/charm-keystone/+/841871

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-05-16: Fix proposed to charm-keystone (stable/wallaby)

Fix proposed to branch: stable/wallaby
Review: https://review.opendev.org/c/openstack/charm-keystone/+/841872

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-05-16: Fix proposed to charm-keystone (stable/victoria)

Fix proposed to branch: stable/victoria
Review: https://review.opendev.org/c/openstack/charm-keystone/+/841873

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-05-16: Fix proposed to charm-keystone (stable/ussuri)

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/c/openstack/charm-keystone/+/841874

Hemanth Nakkina (hemanth-n) on 2022-05-16

tags:

added: sts

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-06-08: Fix proposed to charm-keystone (stable/21.10)

Fix proposed to branch: stable/21.10
Review: https://review.opendev.org/c/openstack/charm-keystone/+/845089

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-06-08: Change abandoned on charm-keystone (stable/21.10)

Change abandoned by "Alin-Gabriel Serdean <email address hidden>" on branch: stable/21.10
Review: https://review.opendev.org/c/openstack/charm-keystone/+/845089
Reason: miss configured branc

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-06-10: Fix merged to charm-keystone (stable/xena)

#10

Reviewed: https://review.opendev.org/c/openstack/charm-keystone/+/841871
Committed: https://opendev.org/openstack/charm-keystone/commit/87d66804a19f40d9adde2c07cc34414b121a2e3b
Submitter: "Zuul (22348)"
Branch: stable/xena

commit 87d66804a19f40d9adde2c07cc34414b121a2e3b
Author: Alin-Gabriel Serdean <email address hidden>
Date: Mon May 16 12:02:57 2022 +0530

New option default_authorization_ttl

    Add new option default_authorization_ttl used for
    federation to set validity of group memberships
    coming from a mapping.

    Closes-Bug: #1970388
    Change-Id: I4a8dbc501e14d1201ceed27077554924c56e3abd
    (cherry picked from commit f5d9b9ed4095a46be0ba0067ace7bf1c93bdfd8b)

tags:	added: in-stable-xena
tags:	added: in-stable-wallaby

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-06-10: Fix merged to charm-keystone (stable/wallaby)

#11

Reviewed: https://review.opendev.org/c/openstack/charm-keystone/+/841872
Committed: https://opendev.org/openstack/charm-keystone/commit/ed4dd57af4165493e45622bbbe28c07528871ed4
Submitter: "Zuul (22348)"
Branch: stable/wallaby

commit ed4dd57af4165493e45622bbbe28c07528871ed4
Author: Alin-Gabriel Serdean <email address hidden>
Date: Mon May 16 12:02:57 2022 +0530

New option default_authorization_ttl

    Add new option default_authorization_ttl used for
    federation to set validity of group memberships
    coming from a mapping.

    Closes-Bug: #1970388
    Change-Id: I4a8dbc501e14d1201ceed27077554924c56e3abd
    (cherry picked from commit f5d9b9ed4095a46be0ba0067ace7bf1c93bdfd8b)

tags:

added: in-stable-yoga

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-06-10: Fix merged to charm-keystone (stable/yoga)

#12

Reviewed: https://review.opendev.org/c/openstack/charm-keystone/+/841870
Committed: https://opendev.org/openstack/charm-keystone/commit/c200ccf68654c471059f5d37dc25a721984e07cf
Submitter: "Zuul (22348)"
Branch: stable/yoga

commit c200ccf68654c471059f5d37dc25a721984e07cf
Author: Alin-Gabriel Serdean <email address hidden>
Date: Mon May 16 12:02:57 2022 +0530

New option default_authorization_ttl

    Add new option default_authorization_ttl used for
    federation to set validity of group memberships
    coming from a mapping.

    Closes-Bug: #1970388
    Change-Id: I4a8dbc501e14d1201ceed27077554924c56e3abd
    (cherry picked from commit f5d9b9ed4095a46be0ba0067ace7bf1c93bdfd8b)

tags:

added: in-stable-victoria

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-06-10: Fix merged to charm-keystone (stable/victoria)

#13

Reviewed: https://review.opendev.org/c/openstack/charm-keystone/+/841873
Committed: https://opendev.org/openstack/charm-keystone/commit/a10c9ae8b6bf8db2e7012617ffe5eb3582a89a43
Submitter: "Zuul (22348)"
Branch: stable/victoria

commit a10c9ae8b6bf8db2e7012617ffe5eb3582a89a43
Author: Alin-Gabriel Serdean <email address hidden>
Date: Mon May 16 12:02:57 2022 +0530

New option default_authorization_ttl

    Add new option default_authorization_ttl used for
    federation to set validity of group memberships
    coming from a mapping.

    Closes-Bug: #1970388
    Change-Id: I4a8dbc501e14d1201ceed27077554924c56e3abd
    (cherry picked from commit f5d9b9ed4095a46be0ba0067ace7bf1c93bdfd8b)

tags:

added: in-stable-ussuri

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-06-10: Fix merged to charm-keystone (stable/ussuri)

#14

Reviewed: https://review.opendev.org/c/openstack/charm-keystone/+/841874
Committed: https://opendev.org/openstack/charm-keystone/commit/277aea8bd9a4c28712e79dab3acf30e31b259288
Submitter: "Zuul (22348)"
Branch: stable/ussuri

commit 277aea8bd9a4c28712e79dab3acf30e31b259288
Author: Hemanth Nakkina <email address hidden>
Date: Mon May 16 12:02:57 2022 +0530

New option default_authorization_ttl

    Add new option default_authorization_ttl used for
    federation to set validity of group memberships
    coming from a mapping.

    Closes-Bug: #1970388
    Change-Id: I4a8dbc501e14d1201ceed27077554924c56e3abd
    (cherry picked from commit f5d9b9ed4095a46be0ba0067ace7bf1c93bdfd8b)

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.