yahoo-eng-team team mailing list archive
Message #23683
[Bug 1380642] [NEW] Horizon should not log token
Public bug reported:
It is the Horizon version of bug 1327019.
Various modules in openstack_dashboard/api log the token.
In other modules, the token value is not logged now and is output as *REDACTED* or some similar string.
In the Horizon case, these log lines are simply removed to fix the issue, as it seems this logging is unnecessary in most cases.
I don't think this needs to be private based on the discussion in bug 1327019.

def novaclient(request):
    insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
    cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
    # The debug line below is the one this report is about: it writes the
    # raw token id into the log.
    LOG.debug('novaclient connection created using token "%s" and url "%s"' %
              (request.user.token.id, base.url_for(request, 'compute')))
    c = nova_client.Client(request.user.username,
                           request.user.token.id,
                           project_id=request.user.tenant_id,
                           auth_url=base.url_for(request, 'compute'),
                           insecure=insecure,
                           cacert=cacert,
                           http_log_debug=settings.DEBUG)
    c.client.auth_token = request.user.token.id
    c.client.management_url = base.url_for(request, 'compute')
    return c

** Affects: horizon
Importance: High
Assignee: Akihiro Motoki (amotoki)
Status: New
** Tags: security
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1380642
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1380642/+subscriptions
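
The report mentions that other modules print the token as *REDACTED*. As an added example (not Horizon's code and not the fix applied for this bug), the following logging filter masks token values before a record reaches its handler. The regex patterns, logger name, token value and URL are constructed for illustration.

```python
import io
import logging
import re

# Patterns are assumptions for this example: the quoted form matches the
# debug line quoted in the report, the header form matches X-Auth-Token.
_TOKEN_PATTERNS = [
    re.compile(r'(token\s+")[^"]*(")', re.IGNORECASE),
    re.compile(r'(X-Auth-Token:\s*)[^\s"]+()', re.IGNORECASE),
]


class TokenRedactingFilter(logging.Filter):
    """Mask token values in the fully formatted message of each record."""

    def filter(self, record):
        # getMessage() applies lazy %-args, so both eager and lazy
        # formatting styles are covered before masking.
        message = record.getMessage()
        for pattern in _TOKEN_PATTERNS:
            message = pattern.sub(r'\1*REDACTED*\2', message)
        record.msg, record.args = message, ()
        return True  # keep the record, only its content changes


def demo():
    """Log constructed sample lines and return what reached the handler."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    # Attach to the handler, not a logger: logger-level filters are skipped
    # for records that propagate up from child loggers.
    handler.addFilter(TokenRedactingFilter())
    log = logging.getLogger('example.api.nova')  # hypothetical logger name
    log.setLevel(logging.DEBUG)
    log.propagate = False
    log.addHandler(handler)
    token, url = 'constructed-token-0123', 'http://nova.example.test:8774/v2'
    log.debug('novaclient connection created using token "%s" and url "%s"'
              % (token, url))                       # eager, as in the report
    log.debug('REQ: curl -H "X-Auth-Token: %s" %s', token, url)  # lazy args
    log.removeHandler(handler)
    return stream.getvalue().splitlines()


if __name__ == '__main__':
    print('\n'.join(demo()))
```

A pattern-based filter only catches the message shapes it was written for, so it works as a safety net behind removing the log call, which is the change the report describes.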