Comment 9 for bug 1237989

Revision history for this message
Matthias Runge (mrunge) wrote :

the proposed "fix" for horizon is to disable password updates by users, when keystone is using v3. IMHO that's unfortunate.

The other "fix" would be, not to require admin privileges and to check, if the given password was right. That leaves the server side insecure.

I can't see, how adding a function to keystone v3 will break functionality. Release-wise, this will hurt the schedule, no question.
Still, I'd vote to slip the release and to implement a fix ASAP.