commit 42a9e22ae570e1266b7ff64e2698a27b55bcad84
Author: Steve Baker <email address hidden>
Date: Mon Mar 17 10:07:22 2014 +1300
Never specify project_name in keystone v3 auth
All of our middlewares populate the context with both the tenant name and the
tenant_id. The tenant_id, is unique across domains which means you can do lookups
without having to know what domain the project is in.
When project_id and project_name are both specified, it seems that project_name
takes precedence, which will fail when the credentials are from the stack domain since
we cannot lookup by project names when the domain is not specified.
It looks like specifying project_name is never the right thing to do, and we should
assume that the context always has a tenant_id.
Reviewed: https:/ /review. openstack. org/80867 /git.openstack. org/cgit/ openstack/ heat/commit/ ?id=42a9e22ae57 0e1266b7ff64e26 98a27b55bcad84
Committed: https:/
Submitter: Jenkins
Branch: master
commit 42a9e22ae570e12 66b7ff64e2698a2 7b55bcad84
Author: Steve Baker <email address hidden>
Date: Mon Mar 17 10:07:22 2014 +1300
Never specify project_name in keystone v3 auth
All of our middlewares populate the context with both the tenant name and the
tenant_id. The tenant_id, is unique across domains which means you can do lookups
without having to know what domain the project is in.
When project_id and project_name are both specified, it seems that project_name
takes precedence, which will fail when the credentials are from the stack domain since
we cannot lookup by project names when the domain is not specified.
It looks like specifying project_name is never the right thing to do, and we should
assume that the context always has a tenant_id.
Change-Id: Ifea21e13be482a 6347438d6baaca3 111caad4a97
Closes-Bug: #1290621