No way to convert V2 tokens to V3 if domain id changes
Bug #1477373 reported by
Adam Young
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Expired
|
Undecided
|
Unassigned |
Bug Description
While many people are still stuck on V2 tokens, we need a safe way to map them to V3. If they default domain changes, the tokens will not be properly converted. THe best that can be done now is to guess that the domain_id is "default" and the name is "Default"
both these values should be included as hints in V2 tokens until they are completely removed.
Changed in keystone: | |
status: | Invalid → New |
To post a comment you must log in.
NOte that this has a security implication in that policy might be improperly enforced based on the domain for admin actions.