authenticate in ldap backend doesn't return a list of roles

Bug #1035428 reported by Ryan Lane
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Fix Released
Medium
Andrew Bogott
Essex
Fix Released
Medium
Unassigned
keystone (Ubuntu)
Fix Released
Undecided
Unassigned
Precise
Fix Released
Undecided
Unassigned

Bug Description

authenticate should return a list of roles, currently it returns empty metadata.

Revision history for this message
Dolph Mathews (dolph) wrote :

Although this is an issue only affecting stable/essex, a test should be merged into both master and stable/essex.

Changed in keystone:
assignee: nobody → Ryan Lane (rlane)
assignee: Ryan Lane (rlane) → nobody
importance: Undecided → Medium
status: New → Confirmed
assignee: nobody → Ryan Lane (rlane)
Revision history for this message
Ryan Lane (rlane) wrote :
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/11776

Changed in keystone:
assignee: Ryan Lane (rlane) → Andrew Bogott (andrewbogott)
status: Confirmed → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (stable/essex)

Fix proposed to branch: stable/essex
Review: https://review.openstack.org/11777

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (stable/essex)

Reviewed: https://review.openstack.org/11777
Committed: http://github.com/openstack/keystone/commit/ff6df7cdbeaed6a8784955ba866332ec5f082ad5
Submitter: Jenkins
Branch: stable/essex

commit ff6df7cdbeaed6a8784955ba866332ec5f082ad5
Author: Ryan Lane <email address hidden>
Date: Thu Jul 26 11:41:16 2012 -0700

    Returning roles from authenticate in ldap backend

    Without this fix, the LDAP backend doesn't return
    roles during the authentication phase.

    lp 1035428

    Change-Id: Ibd7e5a8f5475b56a4d3063c85ab634e4c0614e7e

tags: added: in-stable-essex
Dave Walker (davewalker)
Changed in keystone (Ubuntu):
status: New → Fix Released
Changed in keystone (Ubuntu Precise):
status: New → Confirmed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/11776
Committed: http://github.com/openstack/keystone/commit/af52ef1479861ffdf3aa3a334fc9fffc8faa8843
Submitter: Jenkins
Branch: master

commit af52ef1479861ffdf3aa3a334fc9fffc8faa8843
Author: Andrew Bogott <email address hidden>
Date: Tue Aug 21 17:52:58 2012 -0500

    Demonstrate that authenticate() returns roles.

    This is related to lp 1035428; that bug is fixed in folsom,
    but this test is also about to appear in stable/essex.

    Change-Id: Iadd4091339aab2c3a8d474b44dcd11f8bfd1d510

Changed in keystone:
status: In Progress → Fix Committed
Revision history for this message
Adam Gandelman (gandelman-a) wrote : Verification report.

Please find the attached test log from the Ubuntu Server Team's CI infrastructure. As part of the verification process for this bug, Keystone has been deployed and configured across multiple nodes using precise-proposed as an installation source. After successful bring-up and configuration of the cluster, a number of exercises and smoke tests have be invoked to ensure the updated package did not introduce any regressions. A number of test iterations were carried out to catch any possible transient errors.

Please Note the list of installed packages at the top and bottom of the report.

For records of upstream test coverage of this update, please see the Jenkins links in the comments of the relevant upstream code-review(s):

Trunk review: https://review.openstack.org/11776
Stable review: https://review.openstack.org/11777

As per the provisional Micro Release Exception granted to this package by the Technical Board, we hope this contributes toward verification of this update.

Revision history for this message
Adam Gandelman (gandelman-a) wrote :

Test coverage log.

tags: added: verification-done
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package keystone - 2012.1+stable~20120824-a16a0ab9-0ubuntu2

---------------
keystone (2012.1+stable~20120824-a16a0ab9-0ubuntu2) precise-proposed; urgency=low

  * New upstream release (LP: #1041120):
    - debian/patches/0013-Flush-tenant-membership-deletion-before-user.patch:
      Dropped.
  * Resynchronize with stable/essex:
    - authenticate in ldap backend doesn't return a list of roles
      (LP: #1035428)
    - LDAP should not check username on "sn" field (LP: #997700)
    - Admin API doesn't valid token. (LP: #1006815, #1006822)
    - Memcache token backend eventually stops working. (LP: #1012381)
    - EC2 credentials not migrated from legacy (diablo) database. (LP: #1016056)
    - Deleting tenants or users does not cleanup metadata. (LP: #973243)
    - Deleting tenants does not cleanup its user associations. (LP: #974199)
    - TokenNotFound not raised in testsuite beacuse of timezone issues. (LP: #983800)
    - Token authentication for a user in a disabled tenant does not raise
      Unauthorized error. (LP: #988920)
    - export_legacy_catalog doesn't convert url names correctly. (LP: #994936)
    - Following a password compromise and subsequent password change,
      tokens remain valid. (LP: #996595)
    - Tokens remain valid after a user account is disabled. (LP: #997194)
 -- Adam Gandelman <email address hidden> Fri, 24 Aug 2012 03:34:59 -0400

Changed in keystone (Ubuntu Precise):
status: Confirmed → Fix Released
Revision history for this message
Clint Byrum (clint-fewbar) wrote : Update Released

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Joseph Heck (heckj)
Changed in keystone:
milestone: none → folsom-rc1
Thierry Carrez (ttx)
Changed in keystone:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in keystone:
milestone: folsom-rc1 → 2012.2
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.