yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #03384
[Bug 1198171] Re: not able to authenticate with user from non-default domain, v3
You're also not specifying either the user's domain or the project's
domain in step 6, so the client is (correctly) assuming that both exist
in the default domain (which they don't, because you created them in a
non-default domain). So, the server is correctly returning a 401 for the
request in step 6, based on steps 1-5.
** Changed in: keystone
Status: New => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1198171
Title:
not able to authenticate with user from non-default domain, v3
Status in OpenStack Identity (Keystone):
Invalid
Status in OpenStack Command Line Client:
Confirmed
Bug description:
Here's steps to reproduce
1) Set up keystone endpoints to v3
2) openstack --os-identity-api-version 3 domain create mydomain
3) openstack --os-identity-api-version 3 project create myproject --domain mydomain
4) openstack --os-identity-api-version 3 user create myuser --password test --domain mydomain
5) openstack --os-identity-api-version 3 role add Member --user myuser --project myproject
6) openstack --os-identity-api-version 3 --os-username myuser --os-tenant-name myproject --os-password test user list
ERROR: cliff.app Could not find project: myproject (HTTP 401)
If I add user to tenant from default domain and try to authenticate again
openstack --os-identity-api-version 3 --os-username myuser --os-tenant-name demo --os-password test user list
ERROR: cliff.app Could not find user: myuser (HTTP 401)
Well, looking at the code I see that user is searched within default
domain, not mydomain
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1198171/+subscriptions