← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #93888

[Bug 2063321] [NEW] CADF initiator name / username field is inconsistent

  Thread PreviousDate PreviousThread Next 
Public bug reported:

The CADF notification generated by keystone and keystone middleware is
inconsistent. Specifically, the field for initiator's username is
`initiator.username` in keystone, and `initiator.name` in
keystonemiddleware.

It would be good for both keystone and keystonemiddleware to have the
same field, so we can grok for the relevant data consistently.

More information:

In Change I833e6e0d7792acf49f816050ad7a63e8ea4f702f, the username of the
initiator was added to the `initiator.username` field. However, this is
inconsistent with keystonemiddleware, which calls it
`initiator.name`[2]. It is also different from the specs, which states
it should be `initiator:name`[3].

[1] https://review.opendev.org/c/openstack/keystone/+/699013

[2]
https://opendev.org/openstack/keystonemiddleware/src/branch/stable/2023.2/keystonemiddleware/audit/_api.py#L290

[3]
https://www.dmtf.org/sites/default/files/standards/documents/DSP2038_1.1.0.pdf

** Affects: keystone
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/2063321

Title:
  CADF initiator name / username field is inconsistent

Status in OpenStack Identity (keystone):
  New

Bug description:
  The CADF notification generated by keystone and keystone middleware is
  inconsistent. Specifically, the field for initiator's username is
  `initiator.username` in keystone, and `initiator.name` in
  keystonemiddleware.

  It would be good for both keystone and keystonemiddleware to have the
  same field, so we can grok for the relevant data consistently.

  More information:

  In Change I833e6e0d7792acf49f816050ad7a63e8ea4f702f, the username of
  the initiator was added to the `initiator.username` field. However,
  this is inconsistent with keystonemiddleware, which calls it
  `initiator.name`[2]. It is also different from the specs, which states
  it should be `initiator:name`[3].

  [1] https://review.opendev.org/c/openstack/keystone/+/699013

  [2]
  https://opendev.org/openstack/keystonemiddleware/src/branch/stable/2023.2/keystonemiddleware/audit/_api.py#L290

  [3]
  https://www.dmtf.org/sites/default/files/standards/documents/DSP2038_1.1.0.pdf

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2063321/+subscriptions
  Thread PreviousDate PreviousThread Next