Memcache token backend stores entire PKI token in usertoken index

Bug #1202050 reported by Kieran Spear on 2013-07-17
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)

Bug Description

Following on from:

This looks to be fixed on master but Grizzly Keystone is storing the entire encoded PKI token in the user index. It only needs to be storing the hash. With a PKI token around 4k a user can only create 256 tokens before the memcache backend hits the page limit of 1MB and token creation starts failing for that user.

Dolph Mathews (dolph) on 2013-07-17
Changed in keystone:
status: New → Triaged
importance: Undecided → Medium
status: Triaged → Invalid
Morgan Fainberg (mdrnstm) wrote :

Grizzly is EOL, wont fix the grizzly branch at this point. Havana and beyond have this fix.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers