Keystone client is unable to correctly look up names of federated users
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Expired
|
Undecided
|
Unassigned |
Bug Description
When looking up a user in a domain, one can generally do this:
openstack user show --domain testdomain testuser
Unfortunately, if testuser is a federated user, the above command will fail. For example:
$ openstack domain list -c ID -c Name
+----
| ID | Name |
+----
| 2b47931027ef4b9
| 3cb3f05971c243f
| 6657bdf19259489
| default | Default |
+----
In the above, 6657bdf19259489
$ openstack user list --domain 6657bdf19259489
+----
| ID | Name |
+----
| 428641fc53664e3
+----
But the following command fails:
$ openstack user show --domain 6657bdf19259489
No user with a name or ID of 'larsks' exists.
description: | updated |
Changed in keystone: | |
status: | New → Confirmed |
importance: | Undecided → Medium |
Changed in keystone: | |
status: | Confirmed → Incomplete |
importance: | Medium → Undecided |
The debug output for the failed request looks like:
GET call to identity for https:/ /example. com:13000/ v3/users/ larsks used request id req-e38c00a2- 2429-4443- 8ef7-6ea8193a8e ef /example. com:13000/ v3/users? domain_ id=6657bdf19259 4898a1b9b846296 c5141&name= larsks -H "User-Agent: python- keystoneclient" -H "Accept: application/json" -H "X-Auth-Token: {SHA1}a5e664259 619338463208b8b aa268c118095eaf 6" /example. com:13000 "GET /v3/users? domain_ id=6657bdf19259 4898a1b9b846296 c5141&name= larsks HTTP/1.1" 200 159 Token,Accept- Encoding x-openstack- request- id: req-0d425ee0- e947-4cfe- b1ad-e4fe3e4002 63 Content-Encoding: gzip Content-Length: 159 Content-Type: application/json /example. com:13000/ v3/users? domain_ id=6657bdf19259 4898a1b9b846296 c5141&name= larsks", "previous": null, "next": null}}
Request returned failure status: 404
REQ: curl -g -i -X GET https:/
https:/
RESP: [200] Date: Wed, 27 Jun 2018 19:46:33 GMT Server: Apache Vary: X-Auth-
RESP BODY: {"users": [], "links": {"self": "https:/