OpenStack Identity (keystone)

  1. Bug #1242597
  2. Comment #41

Comment 41 for bug 1242597

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (stable/havana)

Reviewed: https://review.openstack.org/61425
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=bd0e3e4cf0bda19ba9f45a60be7e4d6de196f224
Submitter: Jenkins
Branch: stable/havana

commit bd0e3e4cf0bda19ba9f45a60be7e4d6de196f224
Author: Steven Hardy <email address hidden>
Date: Mon Oct 21 19:49:01 2013 +0100

    Fix issues handling trust tokens via ec2tokens API

    Trust scoped tokens are handled incorectly when making requests
    via the ec2tokens API, meaning that the restrictions enforced
    by trust-scoped tokens are not respected when obtaining a token
    via ec2token signature validation.

    Storing the trust_id in the blob associated with the ec2 keypair,
    and passing that id in the metadata when requesting a v2 token
    solves the issue.

    Change-Id: I52566384d7813ef0e2f20fb94a5076386457ff02
    Closes-Bug: #1242597