improper handling non existing identity providers
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Medium
|
Dave Chen | ||
python-keystoneclient |
Invalid
|
Undecided
|
Unassigned | ||
python-openstackclient |
Fix Released
|
Medium
|
Steve Martinelli |
Bug Description
I've spotted something like this today:
ubuntu@devstack:~$ openstack identity provider list
+-----+
| ID | Enabled | Description |
+-----+
| k2k | True | None |
+-----+
ubuntu@devstack:~$ openstack identity provider show idontexist
+------
| Field | Value |
+------
| description | None |
| enabled | True |
| id | k2k |
| remote_ids | [] |
+------
ubuntu@devstack:~$
What's more i can see such log in my keystone server:
2015-07-30 14:53:17.174908 14054 INFO keystone.
Changed in python-openstackclient: | |
assignee: | nobody → Marek Denis (marek-denis) |
Changed in python-openstackclient: | |
assignee: | Marek Denis (marek-denis) → kafka (guowang) |
Changed in keystone: | |
assignee: | kafka (guowang) → nobody |
Changed in python-openstackclient: | |
importance: | Undecided → Medium |
Changed in python-keystoneclient: | |
assignee: | Dave Chen (wei-d-chen) → nobody |
Changed in python-openstackclient: | |
assignee: | Dave Chen (wei-d-chen) → nobody |
Changed in python-openstackclient: | |
status: | New → Confirmed |
Changed in python-openstackclient: | |
assignee: | nobody → Navid Pustchi (npustchi) |
Changed in python-openstackclient: | |
assignee: | Navid Pustchi (npustchi) → nobody |
Changed in python-openstackclient: | |
assignee: | nobody → Lin Hua Cheng (lin-hua-cheng) |
Changed in python-openstackclient: | |
assignee: | Lin Hua Cheng (lin-hua-cheng) → nobody |
Changed in keystone: | |
status: | In Progress → Fix Released |
i think this is actually a server side issue. it looks like the query for all IdPs with name=idontexist is returning the k2k IdP.