Horizon should not log token

Bug #1380642 reported by Akihiro Motoki
Affects: OpenStack Dashboard (Horizon)
Status: Fix Released
Importance: High
Assigned to: Akihiro Motoki

Bug Description

This is the Horizon version of bug 1327019.
Various modules in openstack_dashboard/api log the token.
In other modules, the token value is no longer logged and is output as *REDACTED* or some similar string.
In the Horizon case, these log lines are simply removed to fix the issue, as it seems this logging is unnecessary in most cases.

I don't think this needs to be private based on the discussion in bug 1327019.

  def novaclient(request):
    insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
    cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
    # This DEBUG line writes the keystone token (request.user.token.id) to the log.
    LOG.debug('novaclient connection created using token "%s" and url "%s"' %
              (request.user.token.id, base.url_for(request, 'compute')))
    c = nova_client.Client(request.user.username,
                           request.user.token.id,
                           project_id=request.user.tenant_id,
                           auth_url=base.url_for(request, 'compute'),
                           insecure=insecure,
                           cacert=cacert,
                           http_log_debug=settings.DEBUG)
    c.client.auth_token = request.user.token.id
    c.client.management_url = base.url_for(request, 'compute')
    return c

Tags: security
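
The *REDACTED* behaviour the report mentions for other modules, together with a check that the raw token never reaches a log handler, as an added example (not Horizon's code and not its fix, which simply removed the log lines). `RedactSecrets`, `Capture`, `log_client_created` and `captured_lines` are hypothetical names, and the token and URL are constructed values.

```python
import logging

REDACTED = "*REDACTED*"  # marker string quoted in the bug report


class RedactSecrets(logging.Filter):
    """Mask registered secret values in the fully rendered log message."""

    def __init__(self, secrets=()):
        super().__init__()
        self.secrets = set(secrets)

    def filter(self, record):
        message = record.getMessage()  # applies record.args to record.msg
        for secret in self.secrets:
            message = message.replace(secret, REDACTED)
        record.msg, record.args = message, None
        return True  # keep the record, only its text changes


class Capture(logging.Handler):
    """Collect rendered messages so a test can inspect what was logged."""

    def __init__(self):
        super().__init__(level=logging.DEBUG)
        self.lines = []

    def emit(self, record):
        self.lines.append(record.getMessage())


def log_client_created(log, token, url):
    # Constructed stand-in for the DEBUG line in the report's novaclient().
    log.debug('novaclient connection created using token "%s" and url "%s"'
              % (token, url))


def captured_lines(token, url, redact):
    """Emit the stand-in log line and return what the handler received."""
    log = logging.getLogger("token_log_demo")
    log.setLevel(logging.DEBUG)
    log.propagate = False
    capture = Capture()
    if redact:
        # On the handler, so records from any logger routed to it are masked.
        capture.addFilter(RedactSecrets([token]))
    log.handlers = [capture]
    log_client_created(log, token, url)
    return capture.lines
```

Asserting that the token is absent from the captured lines in a unit test catches a reintroduced log line of this kind even when no filter is installed.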
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/128859

Changed in horizon:
status: New → In Progress
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (master)

Reviewed: https://review.openstack.org/128859
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=47f1d49690fe3787a356175a069723f33ca12cfd
Submitter: Jenkins
Branch: master

commit 47f1d49690fe3787a356175a069723f33ca12cfd
Author: Akihiro Motoki <email address hidden>
Date: Thu Oct 16 04:34:30 2014 +0900

    Do not log keystone token

    Previously token values were logged at DEBUG level when a new client
    object is instantiated. In other projects and clients, token values
    are now not logged and are output as *REDACTED* instead.
    In Horizon these log lines do not have much meaning and
    we can simply remove them.

    Change-Id: I67617ac6424907574d79ec2a57b513a548e220d2
    Closes-Bug: #1380642

Changed in horizon:
status: In Progress → Fix Committed
Akihiro Motoki (amotoki)
Changed in horizon:
milestone: none → kilo-1
Thierry Carrez (ttx)
Changed in horizon:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in horizon:
milestone: kilo-1 → 2015.1.0