[OSSA 2012-016]Token authentication for a user in a disabled tenant does not raise Unauthorized error
Bug #988920 reported by Rohit Karajgi
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
OpenStack Identity (keystone) | Fix Released | Medium | Dolph Mathews | 
Essex | Fix Released | Medium | Unassigned | 
OpenStack Security Advisory | Fix Released | Undecided | Russell Bryant | 
keystone (Ubuntu) | Fix Released | Undecided | Unassigned | 
Precise | Fix Released | Undecided | Unassigned | 
Bug Description
Scenario: Token authentication for a user belonging to a disabled tenant should not be allowed.
Steps:
1. Create a tenant and a user for the tenant
2. Disable the tenant
3. Request token authentication (POST) for the user and tenant
Eg: {
"auth": {
}
}
Expected Status: HTTP 401 Unauthorized
Actual Status: HTTP 200 OK
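The decision the reproduction steps above exercise, as an added example that is not keystone's own code: a minimal in-memory model of v2 token issuance with the reported behaviour next to the expected one. A scoped token requires two independent checks, the user's credentials (which, as the discussion below notes, do not depend on any tenant) and the enabled state of the tenant being scoped to; the reported bug is the second check being skipped. The function names (`issue_token_buggy`, `issue_token_fixed`, `status_for`), the data model and the sample users and tenants are hypothetical and constructed for this illustration.

```python
"""Added example, not keystone code: model of the tenant-enabled check that
OSSA 2012-016 concerns. Names and data are constructed for the illustration."""
from dataclasses import dataclass, field


class Unauthorized(Exception):
    """Stands in for the HTTP 401 the bug report expects."""


@dataclass
class Tenant:
    id: str
    enabled: bool = True


@dataclass
class User:
    id: str
    password: str                 # plaintext only to keep the example short
    enabled: bool = True
    tenant_ids: set = field(default_factory=set)


# Constructed sample directory: one user who is a member of two tenants,
# one enabled and one disabled (the scenario from steps 1 and 2).
TENANTS = {
    "t-open": Tenant("t-open"),
    "t-closed": Tenant("t-closed", enabled=False),
}
USERS = {
    "alice": User("alice", "s3cret", tenant_ids={"t-open", "t-closed"}),
}


def _authenticate_user(username, password):
    """Credential check. Deliberately tenant-independent: a user may belong
    to several tenants, so this step says nothing about any tenant's state."""
    user = USERS.get(username)
    if user is None or not user.enabled or user.password != password:
        raise Unauthorized("bad credentials or disabled user")
    return user


def issue_token_buggy(username, password, tenant_id):
    """Behaviour the report describes: credentials and membership are
    checked, but the tenant's enabled flag is never consulted, so a token
    scoped to a disabled tenant is still issued (HTTP 200)."""
    user = _authenticate_user(username, password)
    if tenant_id not in user.tenant_ids:
        raise Unauthorized("not a member of the tenant")
    return {"token": f"tok-{user.id}-{tenant_id}", "tenant": tenant_id}


def issue_token_fixed(username, password, tenant_id):
    """Expected behaviour: scoping to a tenant additionally requires that
    the tenant exists and is enabled. All three failure modes map to the
    same generic Unauthorized so the response does not reveal which check
    failed (tenant existence, tenant state, or membership)."""
    user = _authenticate_user(username, password)
    tenant = TENANTS.get(tenant_id)
    if tenant is None or not tenant.enabled or tenant_id not in user.tenant_ids:
        raise Unauthorized("tenant unavailable to this user")
    return {"token": f"tok-{user.id}-{tenant_id}", "tenant": tenant_id}


def status_for(issue, username, password, tenant_id):
    """Translate the outcome into the HTTP status the bug report talks about."""
    try:
        issue(username, password, tenant_id)
        return 200
    except Unauthorized:
        return 401


if __name__ == "__main__":
    # Step 3 of the report: POST for the user and the disabled tenant.
    for issue in (issue_token_buggy, issue_token_fixed):
        print(f"{issue.__name__}: HTTP {status_for(issue, 'alice', 's3cret', 't-closed')}")
```

Running the block prints HTTP 200 for the buggy path and HTTP 401 for the fixed one on the disabled tenant; the same user still receives a token for the enabled tenant, which is the behaviour the discussion below argues for when a user spans several tenants.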
Related branches
lp:~openstack-ubuntu-testing/keystone/precise-essex-proposed
- Ubuntu Server Developers: Pending requested
Diff: 13 lines (+6/-0), 1 file modified: debian/changelog (+6/-0)
CVE References
Changed in keystone:
  assignee: nobody → Dolph Mathews (dolph)
  tags: added: essex-backport
Changed in keystone:
  milestone: none → folsom-3
  status: Fix Committed → Fix Released
Changed in keystone (Ubuntu):
  status: New → Fix Released
Changed in keystone (Ubuntu Precise):
  status: New → Confirmed
Changed in keystone:
  milestone: folsom-3 → 2012.2
  summary:
  - Token authentication for a user in a disabled tenant does not raise Unauthorized error
  + [OSSA 2012-016]Token authentication for a user in a disabled tenant does not raise Unauthorized error
Changed in ossa:
  assignee: nobody → Russell Bryant (russellb)
  status: New → Fix Released
Should it?
Since a user isn't determined to be uniquely part of a tenant (i.e. a user *can* be associated with multiple tenants), the authentication of a user is completely independent of its applicability to the tenant and its state (enabled/disabled).
There is the potential for a special case that *when* a user is associated with a single tenant, and that tenant is disabled, the auth should fail. Is that what you're suggesting?