[Bug 988920] Re: Token authentication for a user in a disabled tenant does not raise Unauthorized error
Dolph Mathews
988920 at bugs.launchpad.net
Thu Sep 27 15:37:45 UTC 2012
Russell: It's exactly as you describe.
In this case, authentication succeeds as expected, but authorization
should fail (disabling the tenant should break the user-tenant
authorization relationship).
Once the token is established with authorization on the tenant, keystone
would respond 200 OK to token validation requests from other OpenStack
services, allowing the user to work with the tenant's resources --
probably not what the admin had in mind when disabling the tenant!
https://bugs.launchpad.net/bugs/988920
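The gap described in this message, sketched as an added example (not keystone's code and not part of the original message): a validation routine that checks only the token, beside one that re-checks the tenant's enabled state on every validation request. All class, function and variable names are hypothetical, and the in-memory dictionaries are constructed sample state.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


class Unauthorized(Exception):
    """Stand-in for the HTTP 401 a validation endpoint would return."""


@dataclass
class Tenant:
    id: str
    enabled: bool = True


@dataclass
class Token:
    id: str
    user_id: str
    tenant_id: str
    expires: datetime


# Constructed sample state: one tenant, one token already scoped to it.
TENANTS = {"t1": Tenant("t1")}
TOKENS = {
    "tok-1": Token("tok-1", "alice", "t1",
                   datetime.now(timezone.utc) + timedelta(hours=1)),
}


def _lookup(token_id):
    token = TOKENS.get(token_id)
    if token is None or token.expires <= datetime.now(timezone.utc):
        raise Unauthorized("unknown or expired token")
    return token


def validate_token_flawed(token_id):
    """Behaviour described in the bug: only the token itself is checked."""
    return _lookup(token_id)


def validate_token_checked(token_id):
    """Re-check the tenant on every validation, not only at issue time."""
    token = _lookup(token_id)
    tenant = TENANTS.get(token.tenant_id)
    if tenant is None or not tenant.enabled:
        raise Unauthorized("tenant is disabled or missing")
    return token
```

Setting `TENANTS["t1"].enabled = False` after the token exists leaves the first function returning the token while the second raises `Unauthorized`.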