Service token should not need a tenant
Bug #887877 reported by
Ziad Sawalha
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Medium
|
Ziad Sawalha |
Bug Description
Why is an administrative service token bound to a tenant? In sampledata.py, two changes things should change:
1. There should be an Admin token without a tenant
2. There should be a service identity with the serviceadmin role and a token without a tenant for that identity:
('token', 'add', '999888777666', 'admin', 'customer-x',
('token', 'add', '111222333444', 'serviceadmin', 'customer-x',
Changed in keystone: | |
milestone: | none → essex-3 |
assignee: | nobody → Ziad Sawalha (ziad-sawalha) |
status: | New → Confirmed |
importance: | Undecided → Medium |
Changed in keystone: | |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
milestone: | essex-3 → 2012.1 |
To post a comment you must log in.
Reviewed: https:/ /review. openstack. org/2450 github. com/openstack/ keystone/ commit/ 0b03a1def22f44d e6f3c6830c64cf0 8c1827ddd1
Committed: http://
Submitter: Jenkins
Branch: master
status fixcommitted
done
commit 0b03a1def22f44d e6f3c6830c64cf0 8c1827ddd1
Author: Ziad Sawalha <email address hidden>
Date: Sat Dec 17 13:57:13 2011 -0600
Support for unscoped admin tokens
- Fixes bug 887877
- Updates to sampledata to not scope admin/serviceadmin tokens to customer-x
- Fix 'undocumented' bug in keystone-manage that fails to handle 'None' correctly for tenant
Change-Id: Iaa7f8897c79ca5 e4811d1f15a1b30 7ae1313b656