OpenStack Identity (keystone)

  1. Bug #1242597
  2. Comment #40

Comment 40 for bug 1242597

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/61419
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=fa16882507d05f3bf2bbfbd62bb1b5bc0a6fb2b4
Submitter: Jenkins
Branch: master

commit fa16882507d05f3bf2bbfbd62bb1b5bc0a6fb2b4
Author: Steven Hardy <email address hidden>
Date: Mon Oct 21 19:49:01 2013 +0100

    Fix issues handling trust tokens via ec2tokens API

    Trust scoped tokens are handled incorectly when making requests
    via the ec2tokens API, meaning that the restrictions enforced
    by trust-scoped tokens are not respected when obtaining a token
    via ec2token signature validation.

    Storing the trust_id in the blob associated with the ec2 keypair,
    and passing that id in the metadata when requesting a v2 token
    solves the issue.

    Change-Id: I52566384d7813ef0e2f20fb94a5076386457ff02
    Closes-Bug: #1242597