Keystone should handle ldap.SIZELIMIT_EXCEEDED error
Bug #1712415 reported by
prashkre
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Low
|
prashkre | ||
Pike |
Fix Committed
|
Low
|
Unassigned | ||
Queens |
Fix Released
|
Low
|
prashkre |
Bug Description
With ldap as identity backend server configured to keystone, GET users/groups API is abruptly failing in below stacktrace without proper error handling when ldap search results(
The size limit is of course as configured at the LDAP server and the configuration is beyond the control of OpenStack/keystone. However, keystone should have better error handling in this ldap flow so that such errors return an appropriate message. (Full stack trace can be found in the attachment)
result = func(*args,
2017-08-04 11:44:46.368 102104 ERROR keystone.
summary: |
- Handle ldap.SIZELIMIT_EXCEEDED error + Keystone should handle ldap.SIZELIMIT_EXCEEDED error |
Changed in keystone: | |
assignee: | Divya K Konoor (dikonoor) → prashkre (prashkre) |
tags: | added: user-experience |
To post a comment you must log in.
I'd like to recreate this locally, but it certainly sounds like something keystone can check for gracefully.