yahoo-eng-team team mailing list archive

[Bug 1794530] [NEW] Federation IDs hardcode UUIDs instead of configured id_generator

Public bug reported:

A Federated user gets an entry in the shadow-users table.  This entry
has a unique ID.  It is generated using a UUID.  This mirrors what we do
for LDAP, but in the LDAP case, the ID is generated from the domain ID +
the local id of the user (an attribute that uniquely ids the user in
LDAP).  Thus, the LDAP code can be changed at config time, but the
Federated code can't.  It also means that Federated IDs cannot be kept
in sync between two keystone servers.

** Affects: keystone
     Importance: Low
     Assignee: Adam Young (ayoung)
         Status: In Progress

** Changed in: keystone
   Importance: Undecided => Low

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1794530

Title:
  Federation IDs hardcode UUIDs instead of configured id_generator

Status in OpenStack Identity (keystone):
  In Progress

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1794530/+subscriptions
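
The difference the report describes, as an added example that is not keystone code and not part of the original message: two independent servers assign an ID to the same user, once with a random UUID and once with an ID derived from the domain ID and local ID. The `Server` class, the function names, the sample values and the choice of SHA-256 over length-prefixed inputs are assumptions made for illustration.

```python
import hashlib
import uuid


def random_id(domain_id, local_id):
    """Behaviour the report describes: a fresh UUID, unrelated to the inputs."""
    return uuid.uuid4().hex


def derived_id(domain_id, local_id):
    """Deterministic alternative (assumed scheme): SHA-256 of both inputs.

    Each part is length-prefixed so ("ab", "c") and ("a", "bc") cannot
    produce the same digest, which plain concatenation would allow.
    """
    h = hashlib.sha256()
    for part in (domain_id, local_id):
        data = part.encode("utf-8")
        h.update(len(data).to_bytes(4, "big") + data)
    return h.hexdigest()


class Server:
    """Hypothetical stand-in for one server's shadow-users table."""

    def __init__(self, make_id):
        self.make_id = make_id
        self.shadow_users = {}  # (domain_id, local_id) -> assigned user ID

    def shadow(self, domain_id, local_id):
        # Assign an ID on first sight, reuse it afterwards.
        key = (domain_id, local_id)
        if key not in self.shadow_users:
            self.shadow_users[key] = self.make_id(domain_id, local_id)
        return self.shadow_users[key]


def ids_on_two_servers(make_id, domain_id="domain-example",
                       local_id="alice@example.org"):
    """Return the ID each of two unsynchronised servers gives one user."""
    a, b = Server(make_id), Server(make_id)
    return a.shadow(domain_id, local_id), b.shadow(domain_id, local_id)


if __name__ == "__main__":
    # Constructed sample values; the UUID pair differs, the derived pair matches.
    print("uuid:   ", ids_on_two_servers(random_id))
    print("derived:", ids_on_two_servers(derived_id))
```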