Keystone Kerberos auth broken when delegate to HTTP
Bug #1947870 reported by
Sacha Pateyron
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
New
|
Undecided
|
Unassigned |
Bug Description
Keystone Kerberos works well when you openstack client
can dialog with yours KDC.
However when KDC is hidden, it's not accessible by our
users directly so we need to delegate the auth Kerberos
to HTTP to get Keystone token, that's why we use curl command.
From the Openstack client cli we get "Negotiate"
as auth_type -> it's works. Nonetheless with curl we get "Basic"
as auth_type -> raised error.
That's why we proposed to add "Basic" as authorized method for Kerberos.
https:/
Patchset: 1efc0c5c6730c90
tags: | added: kerberos keystone train |
tags: | added: http negotiate |
To post a comment you must log in.