Resolving the members of a group with no members in LDAP throws an exception
Bug #1751048 reported by
Jose Castro Leon
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
In an environment with an ldap server as identity backend, if a group with no members has a role on a project, if you try to resolve the memberships on a specific project it will throw an exception.
This is caused as when searching from members in a group in LDAP, if it does not have any it returns empty and in the code is always assuming that there is at least an object returned
Changed in keystone: | |
status: | New → Invalid |
To post a comment you must log in.
I could see where keystone could handle this a bit better. Is this no longer a concern?