← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1547031] Re: Can't distinguish users through openid login

 

Your mapping is unconditionally resulting in this behavior. See the
mapping documentation:

  http://docs.openstack.org/developer/keystone/mapping_combinations.html

** Changed in: keystone
       Status: New => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1547031

Title:
  Can't distinguish users through openid login

Status in OpenStack Identity (keystone):
  Invalid

Bug description:
  Accrounding to the doc (http://docs.openstack.org/developer/keystone/configure_federation.html), I parse openid login in my devstack. and i have success login with google account.
    but there is a problem, how can i distinguish users? I know all the federation users are in one group, and the group is relate with a project. In my devstack, all of users login through openid have the same project , and have the same resource, when i create a resource and orther user login through openid can also see the resource
    I don't know whether somewhere i parsed is wrong, this is my mapping:
  {
          "local": [
              {
                  "user": {
                      "name": "{3}",
                      "realname": "{2}",
                      "email": "{3}"
                  },
                  "group": {
                      "name": "demo",
                      "domain": {
                          "name": "Default"
                      }
                  }
              }
          ],
          "remote": [
              {
                  "type": "HTTP_OIDC_SUB"
              },
              {
                  "type": "HTTP_OIDC_ISS"
              },
              {
                  "type": "HTTP_OIDC_NAME"
              },
              {
                  "type": "HTTP_OIDC_EMAIL"
              }
          ]
      }

  devstack address: www.scorpio.ml

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1547031/+subscriptions


References