idp_id, protocol_id, unique_id and name filter doesn't work for list_users API when domain_specific_drivers_enabled is set
Bug #1748062 reported by
wangxiyuan
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack Identity (keystone) |
Invalid
|
Undecided
|
Unassigned | ||
Bug Description
When domain_
Reproduce:
1. set the domain_
2. try to list the federated users by "idp_id" filter, for example, if you have a federated user whose idp_id is "deamoidp" already, try this: GET /v3/users?
please ensure the user driver is domian aware, that is, should not be ldap.
Expect: the federated user whose idp_id=demoidp should return.
Actual: Nothing returned.
| description: | updated |
| Changed in keystone: | |
| status: | New → Incomplete |
Revision history for this message
| wangxiyuan (wangxiyuan) wrote | #1 |
| Changed in keystone: | |
| status: | Incomplete → Invalid |
To post a comment you must log in.
If domain_
for example , there are three users:
userA, local, domain_id=default,
userB, federated, domain_
userC, federated, domain_id=default, idp_id=demoidp
When call GET /v3/users with a token which domain_id=default, keystone will only return UserA and UserC. Then call GET /v3/users?
So I think Keystone's behavior is correct. We don't need to change something.
I'll set the bug to Invalid if no other comment.