1401057
|
#1401057 |
Direct mapping in mapping rules don't work with keywords
|
|
3
High
|
Marek Denis
|
10
Fix Released
|
1490571
|
#1490571 |
Refactor use of oslo.db.sqlalchemy.session.EngineFacade because it's deprecated
|
|
3
High
|
Morgan Fainberg
|
10
Fix Released
|
1496946
|
#1496946 |
keystone v2 allows creation of is_domain=True projects
|
|
3
High
|
Henrique Truta
|
10
Fix Released
|
1520383
|
#1520383 |
Tests that need policy.json can never find it if run in isolation
|
|
3
High
|
David Stanek
|
10
Fix Released
|
1521844
|
#1521844 |
pycadf ID validation fails for multi-domain IDs
|
|
3
High
|
Ajaya Agrawal
|
10
Fix Released
|
1525250
|
#1525250 |
Failure when federated user name contains non ascii characters
|
|
3
High
|
Steve Martinelli
|
10
Fix Released
|
1536321
|
#1536321 |
cyclic dependencies in implied roles
|
|
3
High
|
Adam Young
|
10
Fix Released
|
1537617
|
#1537617 |
caching of the catalog does not invalidate across processes
|
|
3
High
|
Morgan Fainberg
|
10
Fix Released
|
1541092
|
#1541092 |
squash migrations in preparation for mitaka
|
|
3
High
|
Steve Martinelli
|
10
Fix Released
|
1541540
|
#1541540 |
Implied role "root_role" config needs to be expanded
|
|
3
High
|
John Dennis
|
10
Fix Released
|
1545761
|
#1545761 |
admin_token_auth 'deprecation' actually removes it from the pipelines
|
|
3
High
|
Adam Young
|
10
Fix Released
|
1545960
|
#1545960 |
authenticating with ldap user fails due to notification
|
|
3
High
|
Steve Martinelli
|
10
Fix Released
|
1546562
|
#1546562 |
deleting role with implied role fails
|
|
3
High
|
Steve Martinelli
|
10
Fix Released
|
1548943
|
#1548943 |
Passwords can no longer be null with patch (278570)
|
|
3
High
|
Ron De Rose
|
10
Fix Released
|
1549705
|
#1549705 |
migrate DB failed due to password cannot be null
|
|
3
High
|
Dave Chen
|
10
Fix Released
|
1550017
|
#1550017 |
keystone eventlet using session is in 'prepared' state
|
|
3
High
|
Davanum Srinivas (DIMS)
|
10
Fix Released
|
1551189
|
#1551189 |
Tests don't work on leapdays
|
|
3
High
|
Matthew Edmonds
|
10
Fix Released
|
1551836
|
#1551836 |
CORS middleware's latent configuration options need to change
|
|
3
High
|
Michael
|
10
Fix Released
|
1017606
|
#1017606 |
Mixing references to 'Tenants' and 'Projects' is confusing
|
|
4
Medium
|
Steve Martinelli
|
10
Fix Released
|
1156298
|
#1156298 |
templated Catalog backend does not support listing services or endpoints
|
|
4
Medium
|
David Stanek
|
10
Fix Released
|
1224273
|
#1224273 |
Need a test to verify token's do not get data creep
|
|
4
Medium
|
Lance Bragstad
|
10
Fix Released
|
1479569
|
#1479569 |
Output from "role assignment list" is not useful
|
|
4
Medium
|
|
10
Fix Released
|
1479578
|
#1479578 |
Domain-specific config breaks some ops
|
|
4
Medium
|
Matthew Edmonds
|
10
Fix Released
|
1495669
|
#1495669 |
domain-specific drivers does not honor the list_limit set in domain-specific conf file
|
|
4
Medium
|
Boris Bobrov
|
10
Fix Released
|
1500631
|
#1500631 |
support multiple LDAP URIs
|
|
4
Medium
|
Steve Martinelli
|
10
Fix Released
|
1501740
|
#1501740 |
Creating a region without request parameters failed.
|
|
4
Medium
|
Dave Chen
|
10
Fix Released
|
1502157
|
#1502157 |
Updating a project's domain_id can create an illegal project hierarchy
|
|
4
Medium
|
Henrique Truta
|
10
Fix Released
|
1505256
|
#1505256 |
Potential user_id collision between Federated IdPs
|
|
4
Medium
|
Ron De Rose
|
10
Fix Released
|
1526244
|
#1526244 |
Able to create objects by admin in the particular domain, for incorrect domain Id field name "domain-id".
|
|
4
Medium
|
David Stanek
|
10
Fix Released
|
1531959
|
#1531959 |
mapping_id does not allow "_" character
|
|
4
Medium
|
Roxana Gherle
|
10
Fix Released
|
1532768
|
#1532768 |
Missing service 'region' and endpoint name for EndpointFilterCatalog
|
|
4
Medium
|
Einar Forselv
|
10
Fix Released
|
1534252
|
#1534252 |
fernet tokens don't support oauth1 authentication
|
|
4
Medium
|
Lance Bragstad
|
10
Fix Released
|
1535878
|
#1535878 |
A user with a role on a project should be able to issue a GET /project call
|
|
4
Medium
|
Ajaya Agrawal
|
10
Fix Released
|
1537401
|
#1537401 |
keystone gate failing test_get_token_id_error_handling
|
|
4
Medium
|
Steve Martinelli
|
10
Fix Released
|
1538754
|
#1538754 |
keystone should convert host CONF.federation.trusted_dashboard to lower case before comparing
|
|
4
Medium
|
Roxana Gherle
|
10
Fix Released
|
1540794
|
#1540794 |
deprecate signing config options
|
|
4
Medium
|
Morgan Fainberg
|
10
Fix Released
|
1541201
|
#1541201 |
deprecate pki related commands
|
|
4
Medium
|
Steve Martinelli
|
10
Fix Released
|
1542417
|
#1542417 |
LDAP backend lacks support for user_description_attribute mapping
|
|
4
Medium
|
|
10
Fix Released
|
1542587
|
#1542587 |
keystone-manage commands should use sys.exit()
|
|
4
Medium
|
Ren Qiaowei
|
10
Fix Released
|
1543318
|
#1543318 |
Token for trust does not expand implied roles
|
|
4
Medium
|
Adam Young
|
10
Fix Released
|
1545789
|
#1545789 |
keystone ADMIN_TOKEN set by default can lead to default insecure deployment
|
|
4
Medium
|
Adam Young
|
10
Fix Released
|
1547214
|
#1547214 |
Domain created by keystone-manage bootstrap has no description
|
|
4
Medium
|
Brant Knudson
|
10
Fix Released
|
1548562
|
#1548562 |
Misleading response when try to delete project with children
|
|
4
Medium
|
Brant Knudson
|
10
Fix Released
|
1549371
|
#1549371 |
Deprecation message when using default keystone-paste.ini
|
|
4
Medium
|
Brant Knudson
|
10
Fix Released
|
1661802
|
#1661802 |
Allow project_id in catalog substitutions
|
|
4
Medium
|
Brant Knudson
|
10
Fix Released
|
1661803
|
#1661803 |
Enable LDAP connection pooling by default
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
1269789
|
#1269789 |
using templated catalog causes issues creating/listing new services/endpoints
|
|
5
Low
|
David Stanek
|
10
Fix Released
|
1381961
|
#1381961 |
Keystone API GET 5000/v3 returns wrong endpoint URL in response body
|
|
5
Low
|
Steve Martinelli
|
10
Fix Released
|
1440107
|
#1440107 |
Clearing up project assignments makes assumptions that domain_id != project_id
|
|
5
Low
|
Clenimar Filemon
|
10
Fix Released
|
1440135
|
#1440135 |
Cleaning up user/group assignments makes incorrect assumption that user_id != group_id
|
|
5
Low
|
Clenimar Filemon
|
10
Fix Released
|
1440773
|
#1440773 |
Remove WritableLogger as eventlet has a real logger interface in 0.17.2
|
|
5
Low
|
Chaozhe Chen
|
10
Fix Released
|
1470718
|
#1470718 |
Federation mapping schema validation for "local" attributes could do better
|
|
5
Low
|
Fernando Diaz
|
10
Fix Released
|
1473553
|
#1473553 |
AuthContextMiddleware re-implements AdminToken
|
|
5
Low
|
Brant Knudson
|
10
Fix Released
|
1482773
|
#1482773 |
H405 violations: multi line docstring summary not separated with an empty line
|
|
5
Low
|
Steve Martinelli
|
10
Fix Released
|
1539240
|
#1539240 |
create tests for trusts and implied roles
|
|
5
Low
|
Steve Martinelli
|
10
Fix Released
|
1541218
|
#1541218 |
make tests use test copy of policy.json
|
|
5
Low
|
Dave Chen
|
10
Fix Released
|
1542470
|
#1542470 |
Correctly set oslo.log configuration default_log_levels
|
|
5
Low
|
Ronald Bradford
|
10
Fix Released
|
1546189
|
#1546189 |
Add driver details in architecture doc
|
|
5
Low
|
maestropandy
|
10
Fix Released
|
1546605
|
#1546605 |
Default domain's description references keystone v2
|
|
5
Low
|
Steve Martinelli
|
10
Fix Released
|
1551312
|
#1551312 |
Python unit tests don't run in a clean 15.10 environment
|
|
5
Low
|
Sean Dague
|
10
Fix Released
|
1240138
|
#1240138 |
Update default_catalog.templates
|
|
6
Wishlist
|
lei zhang
|
10
Fix Released
|
1317302
|
#1317302 |
pki_setup shouldn't be required to check revocations
|
|
6
Wishlist
|
Brant Knudson
|
10
Fix Released
|
1367113
|
#1367113 |
Templated catalog backend not implemented
|
|
6
Wishlist
|
David Stanek
|
10
Fix Released
|
1519210
|
#1519210 |
opt-out of certain notifications
|
|
6
Wishlist
|
Fernando Diaz
|
10
Fix Released
|
1528258
|
#1528258 |
secure_proxy_ssl_header should default to HTTP_X_FORWARDED_PROTO
|
|
6
Wishlist
|
Steve Martinelli
|
10
Fix Released
|