python-keystoneclient

  1. Bug #1371355
  2. Comment #7

Comment 7 for bug 1371355

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to python-keystoneclient (master)

Reviewed: https://review.openstack.org/123954
Committed: https://git.openstack.org/cgit/openstack/python-keystoneclient/commit/?id=ebeca911fa291e258c2c0b1ef55a26ff5ac009d2
Submitter: Jenkins
Branch: master

commit ebeca911fa291e258c2c0b1ef55a26ff5ac009d2
Author: ankitagrawal <email address hidden>
Date: Fri Sep 19 04:46:11 2014 -0700

    Redact x-subject-token from response headers

    When you invoke any OpenStack API of any of the OpenStack services
    e.g. glance, neutron, cinder, heat, ceilometer, nova, keystone
    then it logs readable x-subject-token at the debug log level in the
    respective log files.

    Simply redacting the x-subject-token in keystone client response header
    before logging it.

    SecurityImpact
    Closes-Bug: #1371355
    Change-Id: Iac16c6358250677544761beea9f5c5d8ba29afac