yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1895834] [NEW] Location Directive should be included in the VirtualHost directive

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Antonio De Iasio <1895834@xxxxxxxxxxxxxxxxxx>
Date: Wed, 16 Sep 2020 13:06:14 -0000
Reply-to: Bug 1895834 <1895834@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

That's the content of wsgi-keystone.conf

<VirtualHost *:5000>
    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-public
    WSGIScriptAlias / /usr/bin/keystone-wsgi-public
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    LimitRequestBody 114688
    <IfVersion >= 2.4>
      ErrorLogFormat "%{cu}t %M"
    </IfVersion>
    ErrorLog /var/log/httpd/keystone.log
    CustomLog /var/log/httpd/keystone_access.log combined

    <Directory /usr/bin>
        <IfVersion >= 2.4>
            Require all granted
        </IfVersion>
        <IfVersion < 2.4>
            Order allow,deny
            Allow from all
        </IfVersion>
    </Directory>
</VirtualHost>

Alias /identity /usr/bin/keystone-wsgi-public
<Location /identity>
    SetHandler wsgi-script
    Options +ExecCGI

    WSGIProcessGroup keystone-public
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
</Location>

It does not allow to access identity tab on horizon, even if one has the
admin privileges.

I solved it by putting the

Alias and the Location directive inside the VirtualHost.

Hope it can help, kind regards.

** Affects: keystone
     Importance: Undecided
         Status: New


** Tags: dashboard horizon identity keystone

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1895834

Title:
  Location Directive should be included in the VirtualHost directive

Status in OpenStack Identity (keystone):
  New

Bug description:
  That's the content of wsgi-keystone.conf

  <VirtualHost *:5000>
      WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
      WSGIProcessGroup keystone-public
      WSGIScriptAlias / /usr/bin/keystone-wsgi-public
      WSGIApplicationGroup %{GLOBAL}
      WSGIPassAuthorization On
      LimitRequestBody 114688
      <IfVersion >= 2.4>
        ErrorLogFormat "%{cu}t %M"
      </IfVersion>
      ErrorLog /var/log/httpd/keystone.log
      CustomLog /var/log/httpd/keystone_access.log combined

      <Directory /usr/bin>
          <IfVersion >= 2.4>
              Require all granted
          </IfVersion>
          <IfVersion < 2.4>
              Order allow,deny
              Allow from all
          </IfVersion>
      </Directory>
  </VirtualHost>

  Alias /identity /usr/bin/keystone-wsgi-public
  <Location /identity>
      SetHandler wsgi-script
      Options +ExecCGI

      WSGIProcessGroup keystone-public
      WSGIApplicationGroup %{GLOBAL}
      WSGIPassAuthorization On
  </Location>

  It does not allow to access identity tab on horizon, even if one has
  the admin privileges.

  I solved it by putting the

  Alias and the Location directive inside the VirtualHost.

  Hope it can help, kind regards.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1895834/+subscriptions