← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1408947] [NEW] Nova SHA1 password with Keystone linked to LDAP

 

Public bug reported:

Openstack Juno
Ubuntu 14.04

I configured Keystone with my LDAP, following installation guide I have
admin-openrc.sh as follow:

export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=my_secret
export OS_AUTH_URL=http://master01.th.ascolotus.com:35357/v2.0

at the end with configuration of nova:

$> nova --debug list

REQ: curl -i 'http://master01.th.ascolotus.com:35357/v2.0/tokens' -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "User-Agent: python-novaclient" -d '{"auth": {"tenantName": "admin", "passwordCredentials": {"username": "admin", "password": "{SHA1}735cc5cd7e1d762680bbf53a4247b3e8f36d4d67"}}}'
INFO (connectionpool:258) Starting new HTTP connection (1): master01.th.ascolotus.com
DEBUG (connectionpool:375) Setting read timeout to 600.0
DEBUG (connectionpool:415) "POST /v2.0/tokens HTTP/1.1" 401 114
RESP: [401] {'content-length': '114', 'vary': 'X-Auth-Token', 'www-authenticate': 'Keystone uri="http://master01.th.ascolotus.com:35357";', 'date': 'Fri, 09 Jan 2015 09:23:09 GMT', 'content-type': 'application/json', 'x-distribution': 'Ubuntu'}
RESP BODY: {"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}

DEBUG (shell:803) Invalid OpenStack Nova credentials.
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/novaclient/shell.py", line 800, in main
    OpenStackComputeShell().main(argv)
  File "/usr/lib/python2.7/dist-packages/novaclient/shell.py", line 701, in main
    raise exc.CommandError(_("Invalid OpenStack Nova credentials."))
CommandError: Invalid OpenStack Nova credentials.
ERROR (CommandError): Invalid OpenStack Nova credentials.

SHA1 is the hashed password, LDAP use SSHA.

** Affects: nova
     Importance: Undecided
         Status: New


** Tags: nova

** Tags added: nova

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1408947

Title:
  Nova SHA1 password with Keystone linked to LDAP

Status in OpenStack Compute (Nova):
  New

Bug description:
  Openstack Juno
  Ubuntu 14.04

  I configured Keystone with my LDAP, following installation guide I
  have admin-openrc.sh as follow:

  export OS_TENANT_NAME=admin
  export OS_USERNAME=admin
  export OS_PASSWORD=my_secret
  export OS_AUTH_URL=http://master01.th.ascolotus.com:35357/v2.0

  at the end with configuration of nova:

  $> nova --debug list

  REQ: curl -i 'http://master01.th.ascolotus.com:35357/v2.0/tokens' -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "User-Agent: python-novaclient" -d '{"auth": {"tenantName": "admin", "passwordCredentials": {"username": "admin", "password": "{SHA1}735cc5cd7e1d762680bbf53a4247b3e8f36d4d67"}}}'
  INFO (connectionpool:258) Starting new HTTP connection (1): master01.th.ascolotus.com
  DEBUG (connectionpool:375) Setting read timeout to 600.0
  DEBUG (connectionpool:415) "POST /v2.0/tokens HTTP/1.1" 401 114
  RESP: [401] {'content-length': '114', 'vary': 'X-Auth-Token', 'www-authenticate': 'Keystone uri="http://master01.th.ascolotus.com:35357";', 'date': 'Fri, 09 Jan 2015 09:23:09 GMT', 'content-type': 'application/json', 'x-distribution': 'Ubuntu'}
  RESP BODY: {"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}

  DEBUG (shell:803) Invalid OpenStack Nova credentials.
  Traceback (most recent call last):
    File "/usr/lib/python2.7/dist-packages/novaclient/shell.py", line 800, in main
      OpenStackComputeShell().main(argv)
    File "/usr/lib/python2.7/dist-packages/novaclient/shell.py", line 701, in main
      raise exc.CommandError(_("Invalid OpenStack Nova credentials."))
  CommandError: Invalid OpenStack Nova credentials.
  ERROR (CommandError): Invalid OpenStack Nova credentials.

  SHA1 is the hashed password, LDAP use SSHA.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1408947/+subscriptions


Follow ups

References