cyclic dependencies in implied roles
Bug #1536321 reported by
Adam Young
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
High
|
Adam Young |
Bug Description
Today it is possible to define an implied role structure that is not a DAG. This will crash the Keystone server if a token iis requested that will pull in any of those roles.
While it might be impractical to prevent cycles in the creation, it is very possible to prevent the expansion from crashing the server.
Changed in keystone: | |
importance: | Undecided → High |
milestone: | none → mitaka-3 |
Changed in keystone: | |
assignee: | Adam Young (ayoung) → Steve Martinelli (stevemar) |
Changed in keystone: | |
assignee: | Steve Martinelli (stevemar) → Adam Young (ayoung) |
Changed in keystone: | |
assignee: | Adam Young (ayoung) → Steve Martinelli (stevemar) |
Changed in keystone: | |
assignee: | Steve Martinelli (stevemar) → Adam Young (ayoung) |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/271134
Review: https:/