Reviewed: https://review.openstack.org/12870 Committed: http://github.com/openstack/keystone/commit/58ac6691a21675be9e2ffb0f84a05fc3cd4d2e2e Submitter: Jenkins Branch: stable/essex
commit 58ac6691a21675be9e2ffb0f84a05fc3cd4d2e2e Author: Dolph Mathews <email address hidden> Date: Fri Sep 7 14:55:31 2012 -0500
Delete user tokens after role grant/revoke
Delete user tokens when a new role is granted or revoked, in order to prevent old tokens to continue to be valid for the original set of roles for the remainder of the token's lifespan.
Addresses CVE-2012-4413. Fixes bug 1041396.
Change-Id: Ib11b5b3a933c6000afe0c875c3f71f1f101bb202
Reviewed: https:/ /review. openstack. org/12870 github. com/openstack/ keystone/ commit/ 58ac6691a21675b e9e2ffb0f84a05f c3cd4d2e2e
Committed: http://
Submitter: Jenkins
Branch: stable/essex
commit 58ac6691a21675b e9e2ffb0f84a05f c3cd4d2e2e
Author: Dolph Mathews <email address hidden>
Date: Fri Sep 7 14:55:31 2012 -0500
Delete user tokens after role grant/revoke
Delete user tokens when a new role is granted or revoked, in order to
prevent old tokens to continue to be valid for the original set of
roles for the remainder of the token's lifespan.
Addresses CVE-2012-4413.
Fixes bug 1041396.
Change-Id: Ib11b5b3a933c60 00afe0c875c3f71 f1f101bb202