yahoo-eng-team team mailing list archive

[Dag Stenstad <dag@xxxxxxxxxxxx>]

Public bug reported:

There seems to be a bug somewhere when creating the expiration field for
tokens when using the new memcached->kvs->dogpile->memcached storage for
tokens.

Aystems are UTC+1 (HW clock, TZ Europe/Oslo), and "[token] expiration =
3600" in configuration, wich is the default.

No requests to any API services (except keystone) worked, all systems
reported that token is expired.

Put in some debugging, and it seems the expiration is set to UTC +
conf.token.expiration, wich in my case actually is the same time as
now().

Setting expiration to a higher value than 3600 makes the token valid.

** Affects: keystone
     Importance: Medium
     Assignee: Morgan Fainberg (mdrnstm)
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1294862

Title:
  Token expiration time with memcache->kvs->dogpile is wrong

Status in OpenStack Identity (Keystone):
  New

Bug description:
  There seems to be a bug somewhere when creating the expiration field
  for tokens when using the new memcached->kvs->dogpile->memcached
  storage for tokens.

  Aystems are UTC+1 (HW clock, TZ Europe/Oslo), and "[token] expiration
  = 3600" in configuration, wich is the default.

  No requests to any API services (except keystone) worked, all systems
  reported that token is expired.

  Put in some debugging, and it seems the expiration is set to UTC +
  conf.token.expiration, wich in my case actually is the same time as
  now().

  Setting expiration to a higher value than 3600 makes the token valid.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1294862/+subscriptions