yahoo-eng-team team mailing list archive

[OpenStack Infra <1693690@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.openstack.org/487583
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=0331a11842740ab3566a16ca3531bdeeed26ab37
Submitter: Jenkins
Branch:    master

commit 0331a11842740ab3566a16ca3531bdeeed26ab37
Author: Lance Bragstad <lbragstad@xxxxxxxxx>
Date:   Wed Jul 26 20:48:19 2017 +0000

    Clarify documentation on whitelists and blacklists
    
    Some references to whitelisting and blacklisting was confusing in the
    mapping documentation. This commit attempts to clarify the wording
    and purpose for both whitelists and blacklists.
    
    Change-Id: I09f4762f03824acc689600c8561fe99ea113ad9a
    Closes-Bug: 1693690


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1693690

Title:
  keystone federation mapping rules with blacklist

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  When I create a rule like:
  [
  {
      "local": [
          {
              "user": {
                  "name": "user_test",
                   "id": "faced82c29e24b10b14ea64366b4653d"
              },
              "group": {
                  "name":"group1",
                  "domain": {
                       "name":"domain1"
                             }
              }
          }
      ],
      "remote":[
                {
                "type":"openstack_user",
                "blacklist": [
                          "bob"
                      ]
                }
  ]
          }
  ]

  And 'bob' logins to the SP, the result is OK. But actually, bob is in
  the blacklist, he should has no right to login to SP. ('bob' is a user
  of idp.)

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1693690/+subscriptions