the token still can be used if the EC2 credential has been deleted

Bug #1305566 reported by wanghong
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Confirmed
Low
Unassigned

Bug Description

Currently, the associated tokens are not deleted when deleting ec2 credential. So, the token got before can still be used.

Revision history for this message
Dolph Mathews (dolph) wrote :

This would be a great place to emit revocation events in Juno.

Changed in keystone:
importance: Undecided → Medium
status: New → Triaged
tags: added: security
summary: - the token still can be used if the credential has been deleted
+ the token still can be used if the EC2 credential has been deleted
wanghong (w-wanghong)
Changed in keystone:
assignee: nobody → wanghong (w-wanghong)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/87450

Changed in keystone:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on keystone (master)

Change abandoned by wanghong (<email address hidden>) on branch: master
Review: https://review.openstack.org/87450

Revision history for this message
Steve Martinelli (stevemar) wrote :

unassigning due to inactivity

Changed in keystone:
assignee: wanghong (w-wanghong) → nobody
status: In Progress → Confirmed
Changed in keystone:
importance: Medium → Low
Changed in keystone:
assignee: nobody → Ron De Rose (ronald-de-rose)
Changed in keystone:
assignee: Ron De Rose (ronald-de-rose) → nobody
tags: added: reviewed-bobcat
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.