OpenStack Identity (keystone)

auth failure in admin calls return 404 instead of 403

Bug #936394 reported by Joseph Heck on 2012-02-19

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	Invalid	Undecided	Unassigned

Bug Description

calls that require admin privileges made by non-admins result in 'Item not found. (404)', we need to communicate an authz failure here, ideally 403 Forbidden

Tags:

Joseph Heck (heckj) on 2012-02-19

Changed in keystone:
status:	New → Confirmed

Dolph Mathews (dolph) on 2012-03-20

summary:

- auth failure in admin calls return 404 ins tead of 403
+ auth failure in admin calls return 404 instead of 403

Revision history for this message

Dolph Mathews (dolph) wrote on 2012-03-20:

Unable to reproduce; perhaps this was fixed?

Using a non-admin X-Auth-Token to validate an admin token returns 403: http://paste.openstack.org/raw/11389/

Changed in keystone:
status:	Confirmed → Invalid

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.