belongsTo not implemented for UUID; raises 500 on mismatch w/ PKI
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
OpenStack Identity (keystone) | Fix Released | Medium | Adam Young |
Bug Description
1. Response header should not have Content-Type and Content-Length.
curl -v -X HEAD -H "x-auth-token: ADMIN" http://
> HEAD /v2.0/tokens/
> User-Agent: curl/7.22.0 (x86_64-
> Host: 127.0.0.1:35357
> Accept: */*
> x-auth-token: ADMIN
>
< HTTP/1.1 404 Not Found
< Vary: X-Auth-Token
< Content-Type: application/json
< Content-Length: 111
< Date: Thu, 22 Nov 2012 09:09:41 GMT
<
2. 'belongsTo' does not work with uuid token
curl -v -X HEAD -H "x-auth-token: ADMIN" http://
> HEAD /v2.0/tokens/
> User-Agent: curl/7.22.0 (x86_64-
> Host: 127.0.0.1:35357
> Accept: */*
> x-auth-token: ADMIN
>
< HTTP/1.1 204 No Content
< Vary: X-Auth-Token
< Content-Length: 0
< Date: Thu, 22 Nov 2012 09:20:08 GMT
<
3. I guess PKI token will get "500 Internal Server Error",
when tenant id in the PKI token and belongsTo are not the same.
I don't think it's the right response.
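The belongsTo behaviour in items 2 and 3, as an added Python example that is not keystone's code and not part of the original report: `check_reported` models the status codes described above, and `check_hardened` applies one tenant-scope check to every token format and maps a mismatch to a client error. All names, the sample tokens, the cause of the 500 and the choice of 401 are assumptions of this example.

```python
# Constructed model of the belongsTo behaviour in this report; not keystone code.

class Unauthorized(Exception):
    status = 401  # assumption of this example: scope mismatch is a client error


# Constructed sample token references (ids and tenants are made up).
TOKENS = {
    "uuid-tok": {"format": "uuid", "tenant": {"id": "tenant-a"}},
    "pki-tok": {"format": "pki", "tenant": {"id": "tenant-a"}},
    "unscoped-tok": {"format": "uuid", "tenant": None},
}


def check_reported(token_id, belongs_to=None):
    """Status codes as the report describes them."""
    ref = TOKENS.get(token_id)
    if ref is None:
        return 404
    if ref["format"] == "uuid":
        return 204  # item 2: belongsTo is never consulted on this path
    try:
        # Hypothetical cause for item 3: the check fails with an exception
        # that the HTTP layer does not know how to map.
        if belongs_to and ref["tenant"]["id"] != belongs_to:
            raise RuntimeError("tenant mismatch")
    except Exception:
        return 500
    return 204


def enforce_scope(ref, belongs_to):
    """Format-independent check: the token must be scoped to belongs_to."""
    if belongs_to is None:
        return
    tenant = ref.get("tenant") or {}  # unscoped tokens carry no tenant
    if tenant.get("id") != belongs_to:
        raise Unauthorized("token is not scoped to the requested tenant")


def check_hardened(token_id, belongs_to=None):
    """Same lookup, but one scope check for every token format."""
    ref = TOKENS.get(token_id)
    if ref is None:
        return 404
    try:
        enforce_scope(ref, belongs_to)
    except Unauthorized as exc:
        return exc.status  # typed error maps to a 4xx, never a 500
    return 204
```

A service that passes belongsTo relies on the validator to reject tokens scoped to another tenant, so the 204 on the UUID path is the case worth a regression test for each token format.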
description: | updated |
Changed in keystone: | |
status: | New → Triaged |
importance: | Undecided → Medium |
description: | updated |
summary: |
- Token validation using HEAD method has some bugs
+ belongsTo not implemented for UUID; raises 500 on mismatch w/ PKI |
Changed in keystone: | |
assignee: | nobody → Adam Young (ayoung) |
status: | Triaged → In Progress |
Changed in keystone: | |
milestone: | none → grizzly-rc1 |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
milestone: | grizzly-rc1 → 2013.1 |
Not sure when, but the first issue described above appears to have been fixed:
$ curl -v -X HEAD -H "x-auth-token: ADMIN" http://127.0.0.1:35357/v2.0/tokens/1dedbe6f49c14a5a82f3cc7765317c2b
* About to connect() to 127.0.0.1 port 35357 (#0)
* Trying 127.0.0.1...
* connected
* Connected to 127.0.0.1 (127.0.0.1) port 35357 (#0)
> HEAD /v2.0/tokens/1dedbe6f49c14a5a82f3cc7765317c2b HTTP/1.1
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: 127.0.0.1:35357
> Accept: */*
> x-auth-token: ADMIN
>
< HTTP/1.1 204 No Content
< Vary: X-Auth-Token
< Content-Length: 0
< Date: Wed, 06 Mar 2013 17:17:15 GMT
<
* Connection #0 to host 127.0.0.1 left intact
* Closing connection #0