Audit middleware does not work with APIs which does not require a Keystone token
Bug #1583699 reported by
Guang Yee
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
keystonemiddleware |
Fix Released
|
Medium
|
Guang Yee |
Bug Description
Audit middleware assumes the existence of Keystone token and therefore the existence of the identity headers (i.e. HTTP_X_USER_ID, HTTP_X_USER_NAME) in the headers.
https:/
Some Swift APIs (i.e. list publically available containers) does not required a Keystone token, and therefore the identity headers will not be populated.
Audit middleware should consider the following:
1. do not emit an audit event if Keystone token is not present in the request, or
2. come up with a generic/common way to audit these types of requests
Changed in keystonemiddleware: | |
importance: | Undecided → Medium |
Changed in keystonemiddleware: | |
assignee: | Guang Yee (guang-yee) → Samuel de Medeiros Queiroz (samueldmq) |
Changed in keystonemiddleware: | |
assignee: | Samuel de Medeiros Queiroz (samueldmq) → Guang Yee (guang-yee) |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/320725
Review: https:/