Comment 2 for bug 1413433

OpenStack Infra (hudson-openstack) wrote : Fix merged to keystonemiddleware (master)

Reviewed: https://review.openstack.org/304400
Committed: https://git.openstack.org/cgit/openstack/keystonemiddleware/commit/?id=5ba835f3e145e7ec3e71beabaf8711244159dc37
Submitter: Jenkins
Branch: master

commit 5ba835f3e145e7ec3e71beabaf8711244159dc37
Author: Colleen Murphy <email address hidden>
Date: Mon Apr 11 19:13:56 2016 -0700

    Only confirm token binding on one token

    When using service tokens and kerberos, the REMOTE_USER will be the
    service user, and hence the token bind confirmation will always fail to
    validate the client user's token, making it impossible to use token
    binding with service tokens. This patch adds a test to expose the issue
    and fixes the problem by only validating the token binding for the
    service token when both tokens are in the request.

    Change-Id: I7ba2283e8e58b89f1e42bc738c7e77284321e3a5
    Closes-bug: #1413433
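
The failure and the fix described in the commit message above, as an added sketch that is not keystonemiddleware's code. The function names, the token dictionary layout, the principals and the `AUTH_TYPE` check are assumptions made for illustration.

```python
class BindError(Exception):
    """Raised when a token's bind does not match the authenticated caller."""


def confirm_bind(token, environ):
    # Compare a token's kerberos bind with the principal the web server
    # authenticated (REMOTE_USER). Unbound tokens pass (assumed policy).
    bind = token.get("bind", {})
    if "kerberos" not in bind:
        return
    if environ.get("AUTH_TYPE", "").lower() != "negotiate":
        raise BindError("request was not authenticated with kerberos")
    if environ.get("REMOTE_USER") != bind["kerberos"]:
        raise BindError("bind principal does not match REMOTE_USER")


def check_before(user_token, service_token, environ):
    # Behaviour before the fix: every token in the request is confirmed
    # against the same REMOTE_USER.
    for token in (user_token, service_token):
        if token is not None:
            confirm_bind(token, environ)


def check_after(user_token, service_token, environ):
    # Behaviour after the fix: with both tokens present, only the service
    # token's bind is confirmed; otherwise the single user token is.
    confirm_bind(service_token if service_token is not None else user_token,
                 environ)


def accepted(check, user_token, service_token, environ):
    try:
        check(user_token, service_token, environ)
        return True
    except BindError:
        return False


# Constructed sample data: a service (nova) forwards alice's token and
# authenticates the connection with its own kerberos principal.
USER = {"bind": {"kerberos": "alice@EXAMPLE.COM"}}
SERVICE = {"bind": {"kerberos": "nova@EXAMPLE.COM"}}
ENV_SERVICE = {"AUTH_TYPE": "Negotiate", "REMOTE_USER": "nova@EXAMPLE.COM"}
ENV_USER = {"AUTH_TYPE": "Negotiate", "REMOTE_USER": "alice@EXAMPLE.COM"}

if __name__ == "__main__":
    print("before:", accepted(check_before, USER, SERVICE, ENV_SERVICE))
    print("after: ", accepted(check_after, USER, SERVICE, ENV_SERVICE))
```

With both tokens present, the user token's bind is no longer compared with `REMOTE_USER` at this hop, so the binding check covers only the connection from the service.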