revoke token does not revoke the tokens created by the original
Bug #1155255 reported by
Adam Young
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
We don't keep track of what token was used to create a token.
So If we revoke a specific token, and that token was used to create another token, the "downstream" token does not get revoked.
Changed in keystone: | |
assignee: | nobody → Juan Antonio Osorio Robles (juan-osorio-robles) |
To post a comment you must log in.
This also affects trusts; "in addition to revoking all tokens" you need "to revoke all tokens created by trusts of that trustor" -ayoung