Authentication for LDAP user fails at MFA rule check
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
High
|
Matthew Edmonds | ||
Ocata |
Fix Released
|
High
|
Matthew Edmonds |
Bug Description
I have a openstack master with LDAP server configured (fernet token provider). With the new changes around MFA rules (https:/
def check_auth_
user_ref = self.identity_
mfa_rules = user_ref[
In the last line the code flow expects user_Ref to always have an options attribute and this is not present for LDAP users due to which we get the below and authentication fails
INFO keystone.
ERROR keystone.
ERROR keystone.
ERROR keystone.
ERROR keystone.
ERROR keystone.
ERROR keystone.
ERROR keystone.
ERROR keystone.
ERROR keystone.
Conversation from #openstack-keystone on Freenode:
http://
description: | updated |
description: | updated |
tags: | added: ldap |
Changed in keystone: | |
status: | New → Triaged |
importance: | Undecided → High |
Changed in keystone: | |
assignee: | nobody → Matthew Edmonds (edmondsw) |
Changed in keystone: | |
milestone: | none → pike-1 |
Lance Bragstad, thanks for cleaning up my description. It looks so much better now.