yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #63872
[Bug 1687401] Re: Keystone 403 Forbidden
I am unable to communicate with Keystone via the HTTP API, I have tried both internal and admin endpoints but I always get a 401 Unauthorised.
When accessing Keystone properties in the Dashboard (horizon) I also get a 403, however, everything else works fine.
I have also tried manually composing some HTTP requests from the CLI:
curl -vv -X POST -H 'Content-Type: application/json' -d '{
"auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": "tiferrei",
"domain": { "id": "default" },
"password": "<password>"
}
}
},
"scope": {
"project": {
"name": "default",
"domain": { "id": "default" }
}
}
}
}' http://controller:5000/v3/auth/tokens ; echo
And:
curl -vv -X POST -H 'Content-Type: application/json' -d '{
"auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": "tiferrei",
"domain": { "id": "default" },
"password": "<password>"
}
}
},
"scope": {
"project": {
"name": "default",
"domain": { "id": "default" }
}
}
}
}' http://controller:35357/v3/auth/tokens ; echo
They both return:
{"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}
Any ideas as to why I'm being denied access to Keystone?
** Summary changed:
- Horizon 403 Forbidden
+ Keystone 403 Forbidden
** Also affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1687401
Title:
Keystone 403 Forbidden
Status in OpenStack Dashboard (Horizon):
Invalid
Status in OpenStack Identity (keystone):
New
Bug description:
Hello there,
I have been struggling a bit with moving the horizon page from domain.com/horizon to domain.com/ + setting up HTTPS, here's what I have tied:
- [General 403 debugging](https://askubuntu.com/questions/292968/apache2-forbidden-you-dont-have-permission-to-access-dir-on-this-server)
- [General 403 debugging](https://unix.stackexchange.com/questions/169513/403-forbidden-you-dont-have-permission-to-access-on-this-server-apache2)
- [403 fix for Horizon](https://fosshelp.blogspot.co.uk/2014/02/openstack-horizon-you-dont-have.html)
- [General 403 debugging](https://stackoverflow.com/questions/10873295/error-message-forbidden-you-dont-have-permission-to-access-on-this-server)
- [Launchpad 403 knwon (and fixed) bug ](https://bugs.launchpad.net/devstack/+bug/1243075)
- [HTTPS config guide (from Juno)](https://docs.openstack.org/juno/config-reference/content/configure-dashboard.html#after-example)
### Environment
- Followed the latest installation guide (Ocata)
- Apache2 version: Apache/2.4.18 (Ubuntu)
- Ubuntu 16.04.2 LTS AMD64
### Configuration
**local_settings.py**
https://paste.debian.net/930199/
**openstack-dashboard.conf**
https://paste.debian.net/930200/
**error.log**
https://paste.debian.net/930201/
This leaves me with some funny results, the login page loads but is
missing CSS, only plain HTML. When I log in, everything else gives me
a `403`.
Any help would be appreciated.
Thank you,
Tiago Ferreira
me@xxxxxxxxxxxx
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1687401/+subscriptions
References
