Domain extraction from REMOTE_USER name should allow for '@' in username

Bug #1213842 reported by Henry Nash on 2013-08-19
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Medium
Henry Nash

Bug Description

The ExternalDomain support in REMOTE_USER expects to find an '@' character in the username as the delineator between the name and domain. However, if the username were to contain an '@' itself, the current code breaks. A simple change would be to only extract the domain name to the right of the "rightmost '@' character".

Fix proposed to branch: master
Review: https://review.openstack.org/42660

Changed in keystone:
status: New → In Progress

Reviewed: https://review.openstack.org/42660
Committed: http://github.com/openstack/keystone/commit/c70a784e0addef10765e2425e6e3c53be2a33a7e
Submitter: Jenkins
Branch: master

commit c70a784e0addef10765e2425e6e3c53be2a33a7e
Author: Henry Nash <email address hidden>
Date: Mon Aug 19 16:04:44 2013 +0100

    Ensure username passed by REMOTE_USER can contain '@'

    The external authentication support allows the domain to be passed
    as part of the REMOTE_USER name, by using the '@' as a delineator,
    but did not handle the case when the actual username itself also
    contained the '@' character.

    Fixes bug 1213842

    Change-Id: Idffa42fe9c70818c71379669dfcd17d3113738a3

Changed in keystone:
status: In Progress → Fix Committed
Thierry Carrez (ttx) on 2013-09-05
Changed in keystone:
status: Fix Committed → Fix Released
Thierry Carrez (ttx) on 2013-10-17
Changed in keystone:
milestone: havana-3 → 2013.2
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers