kerberos disable mutual authentication
Bug #1681448 reported by
Jose Castro Leon
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| keystoneauth |
Fix Released
|
Undecided
|
Jose Castro Leon | ||
Bug Description
In keystoneauth library the kerberos plugin configures requests_kerberos to do mutual authentication in optional mode. On certain cases, all your backends behind a DNS load balanced alias, this configuration fails if the reply of the negotiate command comes from different nodes.
The suggestion is to allow an option to the plugin allowing to disable the mutual authentication in those cases while leaving as default the actual behavior
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix proposed to keystoneauth (master) | #1 |
| Changed in keystoneauth: | |
| assignee: | nobody → Jose Castro Leon (jose-castro-leon) |
| status: | New → In Progress |
| Changed in keystoneauth: | |
| assignee: | Jose Castro Leon (jose-castro-leon) → Adam Young (ayoung) |
| Changed in keystoneauth: | |
| assignee: | Adam Young (ayoung) → Jose Castro Leon (jose-castro-leon) |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to keystoneauth (master) | #2 |
| Changed in keystoneauth: | |
| status: | In Progress → Fix Released |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix proposed to keystoneauth (stable/pike) | #3 |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix included in openstack/keystoneauth 3.2.0 | #4 |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Change abandoned on keystoneauth (stable/pike) | #5 |
To post a comment you must log in.
Fix proposed to branch: master
Review: https:/