yahoo-eng-team team mailing list archive

[Marek Denis <marek.denis@xxxxxxx>]

Public bug reported:

URL /v3/auth/tokens cannot be used when issuing unscoped federated
tokens, as such URL must be configured as protected in the mod_shib
configuration. Thus, a dedicated URL must be able to run federated
authentication. Also, as usually during federated authentication initial
data used by the client is lost (due to many HTTP redirections between
SP and IdP) it's advised for clients to access URL with IdP and protocol
specified in the URL.

** Affects: keystone
     Importance: Undecided
     Assignee: Marek Denis (marek-denis)
         Status: New

** Changed in: keystone
     Assignee: (unassigned) => Marek Denis (marek-denis)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1296348

Title:
  /v3/auth/tokens cannot be used for issuing unscoped tokens during
  federated authn

Status in OpenStack Identity (Keystone):
  New

Bug description:
  URL /v3/auth/tokens cannot be used when issuing unscoped federated
  tokens, as such URL must be configured as protected in the mod_shib
  configuration. Thus, a dedicated URL must be able to run federated
  authentication. Also, as usually during federated authentication
  initial data used by the client is lost (due to many HTTP redirections
  between SP and IdP) it's advised for clients to access URL with IdP
  and protocol specified in the URL.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1296348/+subscriptions