OpenStack Identity (keystone)

auth_version config not used

Bug #1438469 reported by Tushar Kalra on 2015-03-31

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Invalid	Undecided	Unassigned
	keystonemiddleware	Expired	Undecided	Unassigned

Bug Description

When auth_version is set to be v3.0 in glance-api.conf, I see this in the logs "Auth Token proceeding with requested v3.0 apis" but in the very next debug log I see that the authentication request actually appends v2.0 to the identity url, which seems incorrect [1].

2015-03-31 00:52:13.928 254 INFO keystonemiddleware.auth_token [-] Auth Token proceeding with requested v3.0 apis
2015-03-31 00:52:13.928 254 DEBUG keystoneclient.auth.identity.v2 [-] Making authentication request to https://<keystone server>:35357/v2.0/tokens get_auth_ref /usr/lib/python2.7/site-packages/keystoneclient/auth/identity/v2.py:76

Relevant config from glance-api.conf:

[keystone_authtoken]
identity_uri = https://<keystone server>:35357
admin_user = glance
admin_password =<admin_password>
auth_version = v3.0

[1] https://github.com/openstack/keystonemiddleware/blob/02abaa1d2711a3d5fc0dd020f05133618e5b7dde/keystonemiddleware/auth_token.py#L548

See original description

Revision history for this message

Tushar Kalra (tkay) wrote on 2015-03-31:

Looks like it might be due to this hardcoded version:
https://github.com/openstack/keystonemiddleware/blob/1.4.0/keystonemiddleware/auth_token.py#L548

I am not entirely familiar with the code path here, but how is keystone v3 expected to work with this hardcoded string?

Lance Bragstad (lbragstad) on 2015-03-31

description:

updated

Morgan Fainberg (mdrnstm) on 2015-04-04

Changed in keystone:
status:	New → Invalid

Revision history for this message

Steve Martinelli (stevemar) wrote on 2015-11-27:

are you still hitting this problem, i believe with version discovery this should not be an issue

Changed in keystonemiddleware:
status:	New → Incomplete

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-01-27:

[Expired for keystonemiddleware because there has been no activity for 60 days.]

Changed in keystonemiddleware:
status:	Incomplete → Expired

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.