incorrect API doc description on domain reenablement

Bug #1810485 reported by Guang Yee on 2019-01-04
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Guang Yee

Bug Description

Looks like the description for domain re-enable is incorrect.

"Users can only authorize against an enabled domain (and any of its projects). In addition, users can only authenticate if the domain that owns them is also enabled. Disabling a domain prevents both of these things. When you disable a domain, all tokens that are authorized for that domain become no longer valid. If you reenable the domain, these tokens are not re-enabled."

Fernet token validations are real time. Disabling and subsequently re-enabling the domain will not invalidate the token that was issued prior to disabling the domain.

Fix proposed to branch: master

Changed in keystone:
assignee: nobody → Guang Yee (guang-yee)
status: New → In Progress
Changed in keystone:
importance: Undecided → Medium
tags: added: api-ref

Submitter: Zuul
Branch: master

commit bb30a51811e467ba57ebc55d09485de2e94cd4bf
Author: Guang Yee <email address hidden>
Date: Fri Jan 4 15:13:39 2019 -0800

    correct the description on domain re-enable

    Change-Id: I32daa18880a1e646bff8856799b0d01776f0aa6f
    closes-bug: 1810485

Changed in keystone:
status: In Progress → Fix Released
Changed in keystone:
milestone: none → stein-2

This issue was fixed in the openstack/keystone release candidate.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers