yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1828783] Re: More user-friendly websso unauthorized

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Akihiro Motoki <1828783@xxxxxxxxxxxxxxxxxx>
Date: Wed, 15 May 2019 09:30:23 -0000
Reply-to: Bug 1828783 <1828783@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

I added keystone as affected projects. Horizon team now has nobody who
is familiar with federated identity and no bug like this can be resolved
without keystone team support.

** Also affects: keystone
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1828783

Title:
  More user-friendly websso unauthorized

Status in OpenStack Dashboard (Horizon):
  New
Status in OpenStack Identity (keystone):
  New

Bug description:
  Whenever trying to login with horizon with federated identity, if the
  user is correctly authenticated at the IdP but not authorized by
  Keystone (mapping failed), the user just gets a json error message:

  {"error": 
    {
      "message": "The request you have made requires authentication.",
      "code": 401,
      "title": "Unauthorized"
    }
  }

  which is not very user-friendly.

  Would it be possible to catch this error by Horizon/Keystone so user
  gets a nicer error message?

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1828783/+subscriptions

References

[Bug 1828783] [NEW] More user-friendly websso unauthorized
From: Enol Fernández, 2019-05-13