yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1253956] Re: Different behavior in username/password validation

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1253956@xxxxxxxxxxxxxxxxxx>
Date: Wed, 05 Feb 2014 04:17:42 -0000
Reply-to: Bug 1253956 <1253956@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

[Expired for Keystone because there has been no activity for 60 days.]

** Changed in: keystone
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1253956

Title:
  Different behavior in username/password validation

Status in OpenStack Identity (Keystone):
  Expired

Bug description:
  I am running folsom keystone and seeing different behavior:

  when password is wrong then 
   curl   -d '{"auth":{"passwordCredentials":{"username": "swift", "password": "test"}}}' -H "Content-type: application/json" http://10.xx.xx.xx:5000/v2.0/tokens

  /usr/lib/python2.6/site-packages/keystone/service.py:330: DeprecationWarning: BaseException.message has been deprecated as of Python 2.6
    raise exception.Unauthorized(e.message)
  {"error": {"message": "Invalid user / password", "code": 401, "title": "Not Authorized"}}

  when username is wrong then:
  curl   -d '{"auth":{"passwordCredentials":{"username": "swift1", "password": "test123"}}}' -H "Content-type: application/json" http://10.xx.xx.xx:5000/v2.0/tokens

  {"error": {"message": "The request you have made requires
  authentication.", "code": 401, "title": "Not Authorized"}}

  
  Both case should display proper message and either Invalid user or Invalid password.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1253956/+subscriptions