Reviewed: https://review.openstack.org/12868 Committed: http://github.com/openstack/keystone/commit/efb6b3fca0ba0ad768b3e803a324043095d326e2 Submitter: Jenkins Branch: master
commit efb6b3fca0ba0ad768b3e803a324043095d326e2 Author: Dolph Mathews <email address hidden> Date: Fri Sep 7 14:35:21 2012 -0500
Delete user tokens after role grant/revoke
Delete user tokens when a new role is granted or revoked, in order to prevent old tokens to continue to be valid for the original set of roles for the remainder of the token's lifespan.
Addresses CVE-2012-4413. Fixes bug 1041396.
Change-Id: Iecf891f274b67408f568b949a7028362c4c30312
Reviewed: https:/ /review. openstack. org/12868 github. com/openstack/ keystone/ commit/ efb6b3fca0ba0ad 768b3e803a32404 3095d326e2
Committed: http://
Submitter: Jenkins
Branch: master
commit efb6b3fca0ba0ad 768b3e803a32404 3095d326e2
Author: Dolph Mathews <email address hidden>
Date: Fri Sep 7 14:35:21 2012 -0500
Delete user tokens after role grant/revoke
Delete user tokens when a new role is granted or revoked, in order to
prevent old tokens to continue to be valid for the original set of
roles for the remainder of the token's lifespan.
Addresses CVE-2012-4413.
Fixes bug 1041396.
Change-Id: Iecf891f274b674 08f568b949a7028 362c4c30312