OpenStack Dashboard (Horizon)

New Neutron unauthorised exception

Bug #1291431 reported by Julie Pichon
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Dashboard (Horizon)
Expired
Medium
Unassigned

Bug Description

In case of token expiry, the Neutron client tries to refresh the token - but if the auth_url isn't specified it can fail to do so (auth_url isn't a required value when authenticating with a token). The Neutron client was recently updated to properly handle this case and raise an exception.

https://review.openstack.org/#/c/53461/

This new exception should be added to the dashboard list of unauthorised exceptions, I think, in order to be handled it correctly - that is, return a forbidden/unauthorised error rather than internal server error.

https://github.com/openstack/horizon/blob/master/openstack_dashboard/exceptions.py

Julie Pichon (jpichon)
Changed in horizon:
importance: Undecided → Medium
Revision history for this message
Akihiro Motoki (amotoki) wrote :

I am working on bug 1284317 in neutronclient. The base class of (newly introduced) NoAuthURLProvided exception looks inappropriate and it seems Unauthorized is a better base class.

Revision history for this message
Akihiro Motoki (amotoki) wrote :

It is related to neutronclient. I will take care of it.

Changed in horizon:
assignee: nobody → Akihiro Motoki (amotoki)
Revision history for this message
Akihiro Motoki (amotoki) wrote :

I am working on rearranging neutronclient exceptions in bug 1296148 and https://review.openstack.org/82319.
I will do my best to merge it soon. In this patch, NoAuthURLProvided now inherits Unauthorized. Once the patch is merged, there is no need to modify Horizon related to this bug.

The issue reported in this bug is related to unreleased neutronclient and I hope the fix of bug 1296148 (above) is also a part of the next release of neutronclient. If not, I will propose a patch to address this issue.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to horizon (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/82320

Revision history for this message
Akihiro Motoki (amotoki) wrote :

Hi Julie,

Let me clarify more. At now, neutronclient is instantiated with auth_url in openstack_dashboard.api.neutron [1]. I think the newly added exception NoAuthURLProvided is never raised in Horizon.

Are you suggesting removing auth_url from neutronclient() in openstack_dashboard.api.neutron and handling token expiry in Horizon side?

[1] http://git.openstack.org/cgit/openstack/horizon/tree/openstack_dashboard/api/neutron.py#n431

Changed in horizon:
status: New → Incomplete
Revision history for this message
Julie Pichon (jpichon) wrote :

Hi Akihiro, thanks for following up on this. I've seen the auth_url concatenation error surface in Horizon before, so I made the assumption that the new neutronclient exception would be raised all the way to Horizon as well. If I'm mistaken, or the new exception inherits Unauthorized and is therefore already covered, then we can probably close this bug with no action required. Thanks!

David Lyle (david-lyle)
Changed in horizon:
milestone: icehouse-rc1 → none
Akihiro Motoki (amotoki)
Changed in horizon:
assignee: Akihiro Motoki (amotoki) → nobody
Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for OpenStack Dashboard (Horizon) because there has been no activity for 60 days.]

Changed in horizon:
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.