[OSSA 2012-010] Tokens remain valid after a user account is disabled
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
OpenStack Identity (keystone) | Fix Released | Wishlist | Derek Higgins | |
Essex | Fix Released | Undecided | Alan Pevec | |
OpenStack Security Advisory | Fix Released | Undecided | Thierry Carrez | |
keystone (Ubuntu) | Fix Released | Undecided | Unassigned | |
Precise | Fix Released | Undecided | Unassigned | |
Bug Description
> ./tools/
No handlers could be found for logger "keystoneclient
+------
| Property | Value |
+------
| expires | 2012-05-
| id | 71f47f87993f4d4
| tenant_id | b0b68a8de4d141d
| user_id | e20d930d58c44b1
+------
> ./tools/
> ./tools/
No handlers could be found for logger "keystoneclient
Authorization Failed: User has been disabled (HTTP 403)
> curl -X GET http://
{"access": {"token": {"expires": "2012-05-
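The condition named in the report title, modelled as a small in-memory token store: a token issued before the account is disabled is still accepted when validation checks only existence and expiry, while a new authentication attempt is refused. This is an added example, not Keystone's code or the fix that was merged; the class and method names are hypothetical, and the two mitigations shown (re-checking the account on every validation, revoking outstanding tokens on disable) are assumptions about how such a gap can be closed.

```python
# Added illustration; not Keystone code. All names here are hypothetical.
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
import secrets


class Unauthorized(Exception):
    pass


@dataclass
class IdentityStore:
    users: dict = field(default_factory=dict)    # user_id -> {"enabled": bool}
    tokens: dict = field(default_factory=dict)   # token_id -> {"user_id", "expires"}

    def issue_token(self, user_id, ttl=timedelta(hours=24)):
        if not self.users[user_id]["enabled"]:
            raise Unauthorized("User has been disabled")
        token_id = secrets.token_hex(16)
        self.tokens[token_id] = {
            "user_id": user_id,
            "expires": datetime.now(timezone.utc) + ttl,
        }
        return token_id

    def validate_expiry_only(self, token_id):
        """Weak check: only the token's existence and expiry are examined."""
        token = self.tokens.get(token_id)
        if token is None or token["expires"] <= datetime.now(timezone.utc):
            raise Unauthorized("Invalid token")
        return token

    def validate(self, token_id):
        """Hardened check: also re-read the owner's state on every validation."""
        token = self.validate_expiry_only(token_id)
        user = self.users.get(token["user_id"])
        if user is None or not user["enabled"]:
            raise Unauthorized("User has been disabled")
        return token

    def disable_user(self, user_id, revoke=True):
        """Disable the account and, by default, drop its outstanding tokens."""
        self.users[user_id]["enabled"] = False
        if revoke:
            for tid in [t for t, v in self.tokens.items() if v["user_id"] == user_id]:
                del self.tokens[tid]
```

Either mitigation alone closes the gap in this model; applying both also covers a caller that still uses the expiry-only path.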
Related branches
- Ubuntu Server Developers: Pending requested
- Diff: 13 lines (+6/-0), 1 file modified: debian/changelog (+6/-0)
CVE References
Changed in keystone: | |
assignee: | nobody → Derek Higgins (derekh) |
security vulnerability: | no → yes |
Changed in keystone: | |
importance: | Undecided → Wishlist |
Changed in keystone: | |
milestone: | none → folsom-1 |
tags: | added: essex-backport-potential |
Changed in keystone: | |
status: | Fix Committed → Fix Released |
tags: | added: essex-backport; removed: essex-backport-potential |
Changed in keystone (Ubuntu): | |
status: | New → Fix Released |
Changed in keystone (Ubuntu Precise): | |
status: | New → Confirmed |
Changed in keystone: | |
milestone: | folsom-1 → 2012.2 |
summary: |
- Tokens remain valid after a user account is disabled
+ [OSSA 2012-010] Tokens remain valid after a user account is disabled |
Changed in ossa: | |
assignee: | nobody → Thierry Carrez (ttx) |
status: | New → Fix Released |
Fix proposed to branch: master
Review: https://review.openstack.org/7344