← Back to team overview

yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1166670] Re: [OSSA 2013-011] Deleted user can still create instances

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Fri, 24 May 2013 12:47:40 -0000
Reply-to: Bug 1166670 <1166670@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Summary changed:

- Deleted user can still create instances
+ [OSSA 2013-011] Deleted user can still create instances

** Also affects: ossa
Importance: Undecided
Status: New

** Changed in: ossa
Status: New => Fix Released

** Changed in: ossa
Assignee: (unassigned) => Thierry Carrez (ttx)

--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1166670

Title:
[OSSA 2013-011] Deleted user can still create instances

Status in OpenStack Identity (Keystone):
Fix Committed
Status in Keystone folsom series:
Fix Committed
Status in Keystone grizzly series:
Fix Released
Status in OpenStack Security Advisories:
Fix Released

Bug description:
Description:
A deleted user is still able to create instances and do other stuff if he's still logged in.

Steps to reproduce:
1. Login with admin user in Chrome
2. Login with demo user in Firefox
3. Use the admin user to delete the demo user
4. Go back to firefox and use the demo user to create an instance for example

Current result:
Demo user in firefox stays logged in and can create instances, but I guess he can do anything he want with his token

Expected result:
Demo user shouldn't be able to still create instances, or do other stuff. Instead he should be automatically logged out as soon as we notice that he's already deleted.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1166670/+subscriptions