Identity authentication does not check if user is enabled
Bug #1028563 reported by
Sean McMurray
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Invalid
|
High
|
Unassigned |
Bug Description
I don't see where sql, pam, or ldap check the enabled status of a user when authenticating.
Changed in keystone: | |
status: | New → Triaged |
importance: | Undecided → High |
Changed in keystone: | |
status: | Triaged → Invalid |
security vulnerability: | yes → no |
visibility: | private → public |
To post a comment you must log in.
Done during authenticate:
https:/ /github. com/openstack/ keystone/ blob/master/ keystone/ service. py#L284 /github. com/openstack/ keystone/ blob/master/ keystone/ service. py#L328
https:/