yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1185905] Re: User tokens logged by keystoneclient.middleware.auth_token

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Jeremy Stanley <fungi@xxxxxxxxxxx>
Date: Thu, 30 May 2013 19:05:34 -0000
Reply-to: Bug 1185905 <1185905@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

*** This bug is a duplicate of bug 1004114 ***
    https://bugs.launchpad.net/bugs/1004114

I think this is one of the facets of the debug-level credential logging
which is being solved several ways in different places? Marking as a
duplicate of bug 1004114 but readjust if this is separate.

** Information type changed from Private Security to Public

** Tags added: security

** This bug has been marked a duplicate of bug 1004114
   Password logging

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1185905

Title:
  User tokens logged by keystoneclient.middleware.auth_token

Status in OpenStack Identity (Keystone):
  Triaged

Bug description:
  At level DEBUG, keystoneclient.middleware.auth_token will log user
  tokens, both when storing to and retrieving from memcache.

  I would expect that credentials are not logged at any level.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1185905/+subscriptions