When a new v3 credential of ec2 type is created, we store it with a new credential id in the backend
Bug #1185582 reported by
Nachiappan
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack Identity (keystone) |
Fix Released
|
Wishlist
|
Nachiappan | ||
Bug Description
When a new v3 credential of ec2 type is created, we store it with a new credential id in the id column in backend.
It would be preferred to store the access key id in the id column in backend when the credential of type ec2 is created.
| Changed in keystone: | |
| assignee: | nobody → Nachiappan (nachiappan-veerappan-nachiappan) |
| Changed in keystone: | |
| status: | New → Triaged |
| importance: | Undecided → Wishlist |
Revision history for this message
| Dolph Mathews (dolph) wrote | #1 |
| Changed in keystone: | |
| status: | Triaged → In Progress |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to keystone (master) | #2 |
| Changed in keystone: | |
| status: | In Progress → Fix Committed |
| Changed in keystone: | |
| milestone: | none → havana-3 |
| status: | Fix Committed → Fix Released |
| Changed in keystone: | |
| milestone: | havana-3 → 2013.2 |
To post a comment you must log in.
(from IRC)
Rather than storing the plain text value of the access key in the id column of the credential table, which would force clients to URL-encode the access key, I'd suggest having the EC2 controller hash the access key and set that as the primary key. That way, clients of the /v3/credentials API are otherwise unaffected.