Memcached token backend should work with any timezone
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Medium
|
You Yamagata | ||
Grizzly |
Won't Fix
|
Medium
|
David Geng |
Bug Description
In configuration document, it looks like following configuration are required with memcache token backend.
- Memcached server's timezone is set to UTC.
- Timezone of both Memcached and Keystone server should be same.
So Keystone server's timezone is also set to UTC.
http://
I guess this limitation is caused by incorrect expiration time is set when tokens are generated.
backends/
time.mktime() return localtime, not UTC, so its value depends on time zone.
In my tests, if keystone server runs with UTC + N (N>=1), token authorization failed.
# run keystone server with UTC+1
> env TZ='UTC-1' tools/with_venv.sh bin/keystone-all
# get token
> env TZ=UTC tools/with_venv.sh keystone .. token-get
+------
| Property | Value |
+------
| expires | 2013-09-
| id | fecd5f9e1c1842f
| tenant_id | 7b1abdb5213a496
| user_id | 03a2d2e23ff94bf
+------
# use token
> env TZ=UTC curl -H "X-Auth-
{"error": {"message": "Could not find token, fecd5f9e1c1842f
Changed in keystone: | |
assignee: | nobody → You Yamagata (y-yamagata) |
Changed in keystone: | |
milestone: | none → havana-rc1 |
status: | In Progress → Fix Committed |
Changed in keystone: | |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
milestone: | havana-rc1 → 2013.2 |
https:/ /review. openstack. org/#/c/ 40378/