placement: Version discovery URI should not require authentication

Bug #1733630 reported by Eric Fried
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Fix Released

Bug Description

The placement API GET / returns the version document:

 <Response [200]>
   "versions": [
       "min_version": "1.0",
       "max_version": "1.10",
       "id": "v1.0"

However, it requires authentication:

# curl
{"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}

It shouldn't. Right now I can't find the doc that says so, but Monty confirms:

Tags: placement
Eric Fried (efried)
tags: added: placement
removed: pla
Revision history for this message
Eric Fried (efried) wrote :
hongbin (hongbin034)
Changed in nova:
assignee: nobody → hongbin (hongbin034)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to nova (master)

Fix proposed to branch: master

Changed in nova:
status: New → In Progress
Changed in nova:
assignee: hongbin (hongbin034) → Chris Dent (cdent)
Eric Fried (efried)
Changed in nova:
assignee: Chris Dent (cdent) → hongbin (hongbin034)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (master)

Submitter: Zuul
Branch: master

commit c4c1770475b4b0cbd57bc56677eeca1326973f76
Author: Hongbin Lu <email address hidden>
Date: Tue Nov 21 20:05:21 2017 +0000

    placement: skip authentication on root URI

    The placement API GET / is for version discovery. Skip authentication
    on this URL.

    The change to test_deploy is required to make it request a URL that
    requires authentication. It had been using /.

    Change-Id: I5ed1f7a607620c43671e90eaf8a1f6285f1d15e4
    Closes-Bug: #1733630

Changed in nova:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/nova

This issue was fixed in the openstack/nova development milestone.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.