kolla

Keystone: admin_token_auth middleware should be removed from paste ini file

Bug #1587747 reported by Christian Berendt on 2016-06-01

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	kolla	Fix Released	Low	Unassigned

Bug Description

When using keystone-manage bootstrap it is not necessary to enable the admin_token_auth middleware in the paste ini file.

2016-06-01 09:15:32.487 16 WARNING keystone.middleware.core [req-059297be-8be7-412a-975c-f21d74647b4e - - - - -] The admin_token_auth middleware presents a security risk and should be removed from the [pipeline:api_v3], [pipeline:admin_api], and [pipeline:public_api] sections of your paste ini file.

Swapnil Kulkarni (coolsvap-deactivatedaccount) on 2016-06-13

Changed in kolla:
importance:	Undecided → Low

Revision history for this message

Swapnil Kulkarni (coolsvap-deactivatedaccount) wrote on 2016-06-13:

Can you provide complete log file where you get this warning. I am not able to locate it in gate logs.

Paul Bourke (pauldbourke) on 2016-06-23

Changed in kolla:
status:	New → Incomplete

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-08-23:

[Expired for kolla because there has been no activity for 60 days.]

Changed in kolla:
status:	Incomplete → Expired

Revision history for this message

Christian Berendt (berendt) wrote on 2016-09-20:

2016-09-20 15:27:45.869 25 WARNING keystone.middleware.core [req-1a1b8ce5-e643-40a0-b9e2-3090a68341af - - - - -] The admin_token_auth middleware presents a security risk and should be removed from the [pipeline:api_v3], [pipeline:admin_api], and [pipeline:public_api] sections of your paste ini file.
2016-09-20 15:27:46.084 25 WARNING keystone.middleware.core [req-1a1b8ce5-e643-40a0-b9e2-3090a68341af - - - - -] The admin_token_auth middleware presents a security risk and should be removed from the [pipeline:api_v3], [pipeline:admin_api], and [pipeline:public_api] sections of your paste ini file.

Changed in kolla:
status:	Expired → Confirmed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-09-26: Fix merged to kolla (master)

Reviewed: https://review.openstack.org/373379
Committed: https://git.openstack.org/cgit/openstack/kolla/commit/?id=45f696cfe786a7287bbeac33d03e84bf6d4a796e
Submitter: Jenkins
Branch: master

commit 45f696cfe786a7287bbeac33d03e84bf6d4a796e
Author: Christian Berendt <email address hidden>
Date: Tue Sep 20 16:38:23 2016 +0200

Use keystone-paste.ini template for keystone

    The use of the admin_token_auth middleware presents a security risk
    and was removed from [pipeline:api_v3], [pipeline:admin_api],
    and [pipeline:public_api].

Change-Id: I3a3ca2e74c0ae341105d3481f97956c6da473046
Closes-bug: #1587747

Changed in kolla:
status:	Confirmed → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-10-13: Fix included in openstack/kolla 3.0.0.0rc2

This issue was fixed in the openstack/kolla 3.0.0.0rc2 release candidate.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.