OpenStack Identity (keystone)

Create SAML assertion using domain scoped tokens returns 500 (Internal Server Error)

Bug #1395117 reported by Rodrigo Duarte on 2014-11-21

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Fix Released	Medium	Rodrigo Duarte	OpenStack Identity (keystone) 2015.1.0 "kilo"

Bug Description

When using a domain scoped token to request a SAML assertion, Keystone responds with a Internal Server Error. Here is where this condition is handled: https://github.com/openstack/keystone/blob/master/keystone/contrib/federation/controllers.py#L279

Rodrigo Duarte (rodrigodsousa) on 2014-11-21

Changed in keystone:
assignee:	nobody → Rodrigo Duarte (rodrigodsousa)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-11-21: Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/136471

Changed in keystone:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-11-23: Fix merged to keystone (master)

Reviewed: https://review.openstack.org/136471
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=4b3ae4c9871a7e65dffe260c9e4d3b147b29f7e3
Submitter: Jenkins
Branch: master

commit 4b3ae4c9871a7e65dffe260c9e4d3b147b29f7e3
Author: Rodrigo Duarte Sousa <email address hidden>
Date: Fri Nov 21 16:34:57 2014 -0300

Fixes create_saml_assertion() return

    The create_saml_assertion() method only accepts project scoped tokens.
    When using a domain scoped one it should return 403 correctly
    informing the caller about this requirenment.

Change-Id: I1223f284a84dee05e4a3907e04345497e5f767c1
Closes-Bug: 1395117

Changed in keystone:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-12-01: Fix proposed to keystone (feature/hierarchical-multitenancy)

Fix proposed to branch: feature/hierarchical-multitenancy
Review: https://review.openstack.org/138182

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-12-01: Change abandoned on keystone (feature/hierarchical-multitenancy)

Change abandoned by Morgan Fainberg (<email address hidden>) on branch: feature/hierarchical-multitenancy
Review: https://review.openstack.org/138182

Morgan Fainberg (mdrnstm) on 2014-12-08

Changed in keystone:
milestone:	none → kilo-1

Thierry Carrez (ttx) on 2014-12-17

Changed in keystone:
status:	Fix Committed → Fix Released

Dolph Mathews (dolph) on 2015-04-28

Changed in keystone:
importance:	Undecided → Medium

Thierry Carrez (ttx) on 2015-04-30

Changed in keystone:
milestone:	kilo-1 → 2015.1.0

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.