yahoo-eng-team team mailing list archive

[OpenStack Infra <1296348@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.openstack.org/82532
Committed: https://git.openstack.org/cgit/openstack/identity-api/commit/?id=cd9f137d5a572aebdf3d91d5c887f11c7e191c67
Submitter: Jenkins
Branch:    master

commit cd9f137d5a572aebdf3d91d5c887f11c7e191c67
Author: Marek Denis <marek.denis@xxxxxxx>
Date:   Mon Mar 24 17:12:54 2014 +0100

    Add dedicated URL for federated authentication.
    
    Describe new URL for federated authentication
    ``/v3/OS-FEDERATION/identity_providers/{identity_provider}/
    protocols/{protocol}/auth``  and available HTTP methods.
    
    Change-Id: Ic25e726c9c146050575b68c29ed3c6c8dab27016
    Closes-Bug: #1296348


** Changed in: openstack-api-site
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1296348

Title:
  /v3/auth/tokens cannot be used for issuing unscoped tokens during
  federated authn

Status in OpenStack Identity (Keystone):
  In Progress
Status in OpenStack API documentation site:
  Fix Released

Bug description:
  URL /v3/auth/tokens cannot be used when issuing unscoped federated
  tokens, as such URL must be configured as protected in the mod_shib
  configuration. Thus, a dedicated URL must be able to run federated
  authentication. Also, as usually during federated authentication
  initial data used by the client is lost (due to many HTTP redirections
  between SP and IdP) it's advised for clients to access URL with IdP
  and protocol specified in the URL.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1296348/+subscriptions