Keystone middleware for ec2 doesn't work with keystone v3
Bug #1564010 reported by
Mike Lowe
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| keystonemiddleware |
Fix Released
|
Medium
|
Unassigned | ||
Bug Description
When using ec2 credentials and a v3 url for keystone_ec2_url in nova.conf a 400 bad request error is returned, if a v2 url is used then only users in the default domain are functional and auth fails for users with non-default domain credentials. This indicates that this portion of keystonemiddleware isn't able to handle keystone v3.
| Changed in keystonemiddleware: | |
| assignee: | nobody → Adam Young (ayoung) |
Revision history for this message
| Mike Lowe (jomlowe) wrote | #1 |
Revision history for this message
| Steve Martinelli (stevemar) wrote | #2 |
| Changed in keystonemiddleware: | |
| assignee: | Adam Young (ayoung) → nobody |
Revision history for this message
| Mike Lowe (jomlowe) wrote | #3 |
Revision history for this message
| Steve Martinelli (stevemar) wrote | #4 |
| Changed in keystonemiddleware: | |
| status: | New → Fix Released |
| importance: | Undecided → Medium |
To post a comment you must log in.
Steps to reproduce:
Create a default domain user and project
Create a non default domain and add a user and project
enable ec2 in nova-api
openstack ec2 create <default domain user id> <default domain project id>
openstack ec2 create <non-default domain user id> <non-default domain project id>
use these credentials with boto
"""
import boto
default_conn = boto.connect_
nondefault_conn = boto.connect_
default_
nondefault_
"""