auth token is valid for every swift account
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
High
|
Unassigned |
Bug Description
Set up similar to the instructions in the README
```
john@laptop:~$ curl -i -H "X-Auth-User: joeuser" -H "X-Auth-Key: secrete" http://
HTTP/1.1 204 No Content
X-Identity: http://
X-Auth-Token: c70ceeb8-
X-Cdn-Managemen
X-Glance: http://
X-Server-
X-Storage-Url: http://
X-Nova_compat: http://
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
Date: Fri, 12 Aug 2011 20:19:47 GMT
john@laptop:~$ curl -i -H "X-Auth-Token: c70ceeb8-
HTTP/1.1 200 OK
X-Account-
X-Account-
X-Account-
Accept-Ranges: bytes
Content-Length: 10
Content-Type: text/plain; charset=utf-8
X-Trans-Id: txe71c6ce928554
Date: Fri, 12 Aug 2011 20:20:16 GMT
container
john@laptop:~$
john@laptop:~$
john@laptop:~$ curl -i -H "X-Auth-Token: c70ceeb8-
HTTP/1.1 200 OK
X-Account-
X-Account-
X-Account-
Accept-Ranges: bytes
Content-Length: 47
Content-Type: text/plain; charset=utf-8
X-Trans-Id: txb034e3b749954
Date: Fri, 12 Aug 2011 20:20:21 GMT
.ACCESS_LOGS
access_
log_data
john@laptop:~$
```
What call does swift make to Keystone to validate the token? Does it include the belongs_to query parameter?
----- Original Message -----
From: notmyname [mailto:<email address hidden>]
Sent: Friday, August 12, 2011 03:22 PM
To: Ziad Sawalha
Subject: [keystone] auth token is valid for every swift account (#139)
Set up similar to the instructions in the README
``` server: 5000/v1. 0 keystone. publicinternets .com/v2. 0 db3b-4135- ab83-88316c7167 ec t-Url: http:// cdn.publicinter nets.com/ v1.1/1234 glance. publicinternets .com/v1. 1/1234 Management- Url: http:// nova.publicinte rnets.com/ v1.1/ server/ v1/AUTH_ 1234 nova.publicinte rnets.com/ v1.0/
john@laptop:~$ curl -i -H "X-Auth-User: joeuser" -H "X-Auth-Key: secrete" http://
HTTP/1.1 204 No Content
X-Identity: http://
X-Auth-Token: c70ceeb8-
X-Cdn-Managemen
X-Glance: http://
X-Server-
X-Storage-Url: http://
X-Nova_compat: http://
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
Date: Fri, 12 Aug 2011 20:19:47 GMT
john@laptop:~$ curl -i -H "X-Auth-Token: c70ceeb8- db3b-4135- ab83-88316c7167 ec" http:// server: 8080/v1/ AUTH_1234 Object- Count: 0 Bytes-Used: 0 Container- Count: 1 42facea27aac04a 5ba8
HTTP/1.1 200 OK
X-Account-
X-Account-
X-Account-
Accept-Ranges: bytes
Content-Length: 10
Content-Type: text/plain; charset=utf-8
X-Trans-Id: txe71c6ce928554
Date: Fri, 12 Aug 2011 20:20:16 GMT
container db3b-4135- ab83-88316c7167 ec" http:// server: 8080/v1/ AUTH_abc Object- Count: 3 Bytes-Used: 624 Container- Count: 3 d1f93f057e7efd0 afbc
john@laptop:~$
john@laptop:~$
john@laptop:~$ curl -i -H "X-Auth-Token: c70ceeb8-
HTTP/1.1 200 OK
X-Account-
X-Account-
X-Account-
Accept-Ranges: bytes
Content-Length: 47
Content-Type: text/plain; charset=utf-8
X-Trans-Id: txb034e3b749954
Date: Fri, 12 Aug 2011 20:20:21 GMT
.ACCESS_LOGS log_delivery_ data
access_
log_data
john@laptop:~$
```
-- /github. com/rackspace/ keystone/ issues/ 139
Reply to this email directly or view it on GitHub:
https:/
This email may include confidential information. If you received it in error, please delete it.