auth failure in admin calls return 404 instead of 403
Bug #936394 reported by
Joseph Heck
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
calls that require admin privileges made by non-admins result in 'Item not found. (404)', we need to communicate an authz failure here, ideally 403 Forbidden
Changed in keystone: | |
status: | New → Confirmed |
summary: |
- auth failure in admin calls return 404 ins tead of 403 + auth failure in admin calls return 404 instead of 403 |
To post a comment you must log in.
Unable to reproduce; perhaps this was fixed?
Using a non-admin X-Auth-Token to validate an admin token returns 403: http:// paste.openstack .org/raw/ 11389/