Mapping openstack_user attribute in k2k assertions with different domains
Bug #1442787 reported by
Rodrigo Duarte
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Wishlist
|
Rodrigo Duarte | ||
Kilo |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
We can have two users with the same username in different domains. So if we have a "User A" in "Domain X" and a "User A" in "Domain Y", there is no way to differ what "User A" is being used in a SAML assertion generated by this IdP (we have only the openstack_user attribute in the SAML assertion).
information type: | Public → Public Security |
Changed in keystone: | |
assignee: | Rodrigo Duarte (rodrigodsousa) → Marek Denis (marek-denis) |
tags: | added: kilo-backport-potential |
Changed in keystone: | |
assignee: | Marek Denis (marek-denis) → Rodrigo Duarte (rodrigodsousa) |
Changed in keystone: | |
milestone: | none → liberty-1 |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
milestone: | liberty-1 → 8.0.0 |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/172562
Review: https:/