980085
|
#980085 |
ldap Identity backend TenantAPI bugs
|
|
2
Critical
|
Adam Young
|
10
Fix Released
|
1006316
|
#1006316 |
Add invalid role id to user on tenant is not raising proper exception
|
|
2
Critical
|
Dolph Mathews
|
10
Fix Released
|
1006777
|
#1006777 |
GET /v2.0/tokens/{token_id}/endpoints not implemented
|
|
2
Critical
|
Dolph Mathews
|
10
Fix Released
|
1006815
|
#1006815 |
[OSSA 2012-015] Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
|
|
2
Critical
|
Dolph Mathews
|
10
Fix Released
|
1006822
|
#1006822 |
[OSSA 2012-015] API v2.0/OS-KSADM/services, v2.0/OS-KSADM/services/{service_id} doesn't validate token
|
|
2
Critical
|
Dolph Mathews
|
10
Fix Released
|
1030968
|
#1030968 |
'Adminness' is not asserted when validating non-PKI tokens
|
|
2
Critical
|
Dolph Mathews
|
10
Fix Released
|
1037683
|
#1037683 |
PKI Token revocation
|
|
2
Critical
|
|
10
Fix Released
|
1040626
|
#1040626 |
[OSSA 2012-013] Update user's default tenant partially succeeds without authz
|
|
2
Critical
|
Dolph Mathews
|
10
Fix Released
|
1041396
|
#1041396 |
[OSSA 2012-014] Token validation includes revoked roles (CVE-2012-4413)
|
|
2
Critical
|
Thierry Carrez
|
10
Fix Released
|
1046905
|
#1046905 |
Memcached Token Backend does not support list tokens
|
|
2
Critical
|
|
10
Fix Released
|
1056373
|
#1056373 |
memcache driver needs protection against unicode user keys
|
|
2
Critical
|
Dolph Mathews
|
10
Fix Released
|
928441
|
#928441 |
document base model types for key elements within Keystone API
|
|
3
High
|
Joseph Heck
|
10
Fix Released
|
951958
|
#951958 |
SQL connection errors not getting logged or reported
|
|
3
High
|
Joseph Heck
|
10
Fix Released
|
958950
|
#958950 |
no unit tests for SQL catalog backend
|
|
3
High
|
Dolph Mathews
|
10
Fix Released
|
996595
|
#996595 |
[OSSA 2012-010] Following a password compromise and subsequent password change, tokens remain valid.
|
|
3
High
|
Derek Higgins
|
10
Fix Released
|
998137
|
#998137 |
[SRU] Keystone user tenant membership not always removed
|
|
3
High
|
Adam Gandelman
|
10
Fix Released
|
1003829
|
#1003829 |
pam backend doesn't have unittests.
|
|
3
High
|
Bhuvan Arumugam
|
10
Fix Released
|
1004114
|
#1004114 |
Password logging
|
|
3
High
|
Dolph Mathews
|
10
Fix Released
|
1006341
|
#1006341 |
Attempt to add role to user with nonexistant tenant id in the request is not raising proper exception
|
|
3
High
|
Dolph Mathews
|
10
Fix Released
|
1012381
|
#1012381 |
Memcache token backend eventually stops working
|
|
3
High
|
Rafael Durán Castañeda
|
10
Fix Released
|
1013953
|
#1013953 |
keystoneclient fails with 'pkg_resources.DistributionNotFound: argparse' Error
|
|
3
High
|
Monty Taylor
|
10
Fix Released
|
1019409
|
#1019409 |
python-keystone client fails w/ PrettyTable 0.5-3 (
|
|
3
High
|
Dan Prince
|
10
Fix Released
|
1020109
|
#1020109 |
User role deletion is broken
|
|
3
High
|
Unmesh Gurjar
|
10
Fix Released
|
1031022
|
#1031022 |
update auth_token to default signing_dir w/ os USER as suffix
|
|
3
High
|
Adam Young
|
10
Fix Released
|
1031164
|
#1031164 |
Support PostgreSQL w/ migration 002
|
|
3
High
|
Dan Prince
|
10
Fix Released
|
1031191
|
#1031191 |
PKI key_size=2048 causes truncation errors on 'id' column
|
|
3
High
|
Dan Prince
|
10
Fix Released
|
1031373
|
#1031373 |
rename disable_pki=False config option
|
|
3
High
|
Bhuvan Arumugam
|
10
Fix Released
|
1037010
|
#1037010 |
[folsom-3] Missing files in generated tarballs
|
|
3
High
|
Thierry Carrez
|
10
Fix Released
|
1038309
|
#1038309 |
auth_token fails to fetch revocation list
|
|
3
High
|
Adam Young
|
10
Fix Released
|
1039552
|
#1039552 |
Keystone returns traceback for db backend
|
|
3
High
|
|
10
Fix Released
|
1043479
|
#1043479 |
auth token middleware is an upgrade bottleneck
|
|
3
High
|
Dolph Mathews
|
10
Fix Released
|
1047848
|
#1047848 |
LDAP identity Backend breaks on unscoped token
|
|
3
High
|
Adam Young
|
10
Fix Released
|
966251
|
#966251 |
User can be created with name more than 64 characters in length
|
|
4
Medium
|
Unmesh Gurjar
|
10
Fix Released
|
967440
|
#967440 |
Eventlet monkey_patch done too late ?
|
|
4
Medium
|
Joseph Heck
|
10
Fix Released
|
968519
|
#968519 |
Object reference validation should occur in drivers
|
|
4
Medium
|
Ken Thomas
|
10
Fix Released
|
974583
|
#974583 |
unittests not running on OSX
|
|
4
Medium
|
Maru Newby
|
10
Fix Released
|
980037
|
#980037 |
Service managers starting keystone-all don't know when its ready
|
|
4
Medium
|
Alan Pevec
|
10
Fix Released
|
983304
|
#983304 |
Implementation of tenant,user,role list functions for ldap
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
987121
|
#987121 |
strict constraint for database table creation
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
988523
|
#988523 |
(docs) delay_auth_decision = true, fails with ValueError
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
988920
|
#988920 |
[OSSA 2012-016]Token authentication for a user in a disabled tenant does not raise Unauthorized error
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
994744
|
#994744 |
--user should be --user_id, for consistency
|
|
4
Medium
|
Everett Toews
|
10
Fix Released
|
994860
|
#994860 |
Keystone middleware auth_token assumes top level URL when making http connection
|
|
4
Medium
|
Adam Young
|
10
Fix Released
|
994936
|
#994936 |
export_legacy_catalog doesn't convert url names correctly
|
|
4
Medium
|
Sam Morrison
|
10
Fix Released
|
995222
|
#995222 |
swift proxy start ValueError: invalid literal for int() with base 10: 'true'
|
|
4
Medium
|
Chmouel Boudjnah
|
10
Fix Released
|
997700
|
#997700 |
LDAP should not check username on "sn" field
|
|
4
Medium
|
|
10
Fix Released
|
997725
|
#997725 |
Role name is not required
|
|
4
Medium
|
Mohammed Naser
|
10
Fix Released
|
998185
|
#998185 |
[OSSA 2012-010] Once a token is created/distributed its expiry date can be circumvented
|
|
4
Medium
|
Derek Higgins
|
10
Fix Released
|
999447
|
#999447 |
swift_auth middleware is still referencing deprecated header HTTP_X_USER
|
|
4
Medium
|
Chmouel Boudjnah
|
10
Fix Released
|
999567
|
#999567 |
Keystone Admin - Deleting a roleRef for a non existent user or role returns Internal Server Error
|
|
4
Medium
|
Vincent Untz
|
10
Fix Released
|
999594
|
#999594 |
Keystone Admin: Can create a duplicate roleRef (role assignment) for a user
|
|
4
Medium
|
Vincent Untz
|
10
Fix Released
|
999998
|
#999998 |
Swift Auth backward compatibility broken
|
|
4
Medium
|
Lin Hua Cheng
|
10
Fix Released
|
1000757
|
#1000757 |
prettytable 0.6.0 test dependency has bad md5sum in PyPi
|
|
4
Medium
|
Dan Prince
|
10
Fix Released
|
1003715
|
#1003715 |
auth_token middleware doesn't import optional modules correctly
|
|
4
Medium
|
Pádraig Brady
|
10
Fix Released
|
1006055
|
#1006055 |
/v2.0/tenants: the 'limit' paramter should limit results instead of scopes
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
1010237
|
#1010237 |
Validate token should always return service catalog
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
1012282
|
#1012282 |
Missing 'content-type' header triggers 500 Internal Server Error
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
1020569
|
#1020569 |
wsgi code ties all middleware consumers to Eventlet
|
|
4
Medium
|
Adam Young
|
10
Fix Released
|
1021315
|
#1021315 |
Live LDAP tests fail
|
|
4
Medium
|
Adam Young
|
10
Fix Released
|
1023998
|
#1023998 |
Explicitly prevent X-Service-Catalog from being injected via auth_token middleware
|
|
4
Medium
|
Dan Prince
|
10
Fix Released
|
1031317
|
#1031317 |
log errors when signing/verification fail
|
|
4
Medium
|
Dan Prince
|
10
Fix Released
|
1035428
|
#1035428 |
authenticate in ldap backend doesn't return a list of roles
|
|
4
Medium
|
Andrew Bogott
|
10
Fix Released
|
1039857
|
#1039857 |
default value of verbose and debug in keystone.conf.sample is mistaken
|
|
4
Medium
|
xyj
|
10
Fix Released
|
1050025
|
#1050025 |
Token invalidation in case of role grant/revoke should be limited to affected tenant
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
956954
|
#956954 |
Keystone needs a URL normalizer middleware
|
|
5
Low
|
Rafael Durán Castañeda
|
10
Fix Released
|
966643
|
#966643 |
Useless error when keystone-all fails to locate config
|
|
5
Low
|
Chmouel Boudjnah
|
10
Fix Released
|
978981
|
#978981 |
Add ChangeLog to the Tarball
|
|
5
Low
|
Dan Prince
|
10
Fix Released
|
980209
|
#980209 |
BaseLDAP builds tree_dn backwards
|
|
5
Low
|
|
10
Fix Released
|
983734
|
#983734 |
Keystone fails badly if you miss one option
|
|
5
Low
|
Mark McLoughlin
|
10
Fix Released
|
983800
|
#983800 |
TokenNotFound not raised in testsuite because of timezone issues
|
|
5
Low
|
Mark McLoughlin
|
10
Fix Released
|
987457
|
#987457 |
keystoneclient endpoint-create should require service_id
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
991936
|
#991936 |
501 Not Implemented response missing "title" attribute
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
994957
|
#994957 |
handle all mailmap with name and email address
|
|
5
Low
|
Bhuvan Arumugam
|
10
Fix Released
|
999209
|
#999209 |
Listing roleRefs (Role assignments) for non existent user returns an incorrect status code
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
999608
|
#999608 |
Keystone Admin: Creating a roleRef for a non existent user or role returns Internal Server Error
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
1006029
|
#1006029 |
Invalid tokens obtained when tenantId/tenantName is missing/invalid
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
1006287
|
#1006287 |
Attempt to delete role of user with invalid parameters sent is returning 500 error code
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
1006334
|
#1006334 |
Attempt to add role to nonexistant user on tenant is not throwing an error
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
1006344
|
#1006344 |
Attempt to get list ofusers by passing non existant tenant id is not raising exception
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
1006793
|
#1006793 |
Service API :5000/v2.0/tenants doesn't check HTTP method
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
1007661
|
#1007661 |
keystoneclient should only attempt to decode JSON in msg body if the response was a success
|
|
5
Low
|
Joseph Heck
|
10
Fix Released
|
1027109
|
#1027109 |
DOCS: Broken link in http://docs.openstack.org/developer/keystone/api_curl_examples.html
|
|
5
Low
|
Alan Pevec
|
10
Fix Released
|
1037303
|
#1037303 |
PEP8 version differs between test_requires and tox.ini
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
1038131
|
#1038131 |
bin/keystone-all prints line break to stdout on every request
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
928564
|
#928564 |
require only one ctrl-c to kill keystone
|
|
6
Wishlist
|
Rafael Durán Castañeda
|
10
Fix Released
|
980864
|
#980864 |
Keystone Essex does not support TLS over HTTPS
|
|
6
Wishlist
|
|
10
Fix Released
|
994501
|
#994501 |
Token authentication for missing tenant
|
|
6
Wishlist
|
Dolph Mathews
|
10
Fix Released
|
996922
|
#996922 |
Ability to allow a user to change their own password
|
|
6
Wishlist
|
Derek Higgins
|
10
Fix Released
|
997194
|
#997194 |
[OSSA 2012-010] Tokens remain valid after a user account is disabled
|
|
6
Wishlist
|
Derek Higgins
|
10
Fix Released
|
1000608
|
#1000608 |
Backslash continuation removal (Keystone folsom-1)
|
|
6
Wishlist
|
Zhongyue Luo
|
10
Fix Released
|
1003962
|
#1003962 |
PKI Signed Tokens
|
|
6
Wishlist
|
Dolph Mathews
|
10
Fix Released
|
1016171
|
#1016171 |
Keystone API is forcing Content-Transfer: chunked on responses
|
|
6
Wishlist
|
Dolph Mathews
|
10
Fix Released
|
1019498
|
#1019498 |
update keystone to pep8 1.3
|
|
6
Wishlist
|
Dolph Mathews
|
10
Fix Released
|
1022614
|
#1022614 |
Document Memcache server needed system time setting
|
|
6
Wishlist
|
Maru Newby
|
10
Fix Released
|
1036161
|
#1036161 |
keystone should log all authentication failures
|
|
6
Wishlist
|
Ionuț Arțăriși
|
10
Fix Released
|
1037578
|
#1037578 |
Remove unused imports
|
|
6
Wishlist
|
Rongze Zhu
|
10
Fix Released
|
920757
|
#920757 |
'Authors' check in run_tests.sh makes life harder for new contributers
|
|
1
Undecided
|
|
10
Fix Released
|
966249
|
#966249 |
Tenant can be created with name more than 64 characters in length
|
|
1
Undecided
|
Unmesh Gurjar
|
10
Fix Released
|
966612
|
#966612 |
Build artifacts are missing from .gitignore
|
|
1
Undecided
|
Maru Newby
|
10
Fix Released
|
966670
|
#966670 |
keystone-manage looks in source tree first for keystone.conf
|
|
1
Undecided
|
Josh Kearney
|
10
Fix Released
|
966749
|
#966749 |
documentation incorrect: user-create throws on --default_tenant
|
|
1
Undecided
|
Bhuvan Arumugam
|
10
Fix Released
|
969088
|
#969088 |
Role conflict when importing nova auth
|
|
1
Undecided
|
Mark McLoughlin
|
10
Fix Released
|
973243
|
#973243 |
deleting tenants or users does not clean up metadata
|
|
1
Undecided
|
Bernhard M. Wiedemann
|
10
Fix Released
|
973433
|
#973433 |
S3_Token middleware is not coming back with proper s3 reply when unauthorized token or service is not available
|
|
1
Undecided
|
Chmouel Boudjnah
|
10
Fix Released
|
974199
|
#974199 |
deleting a tenant does not cleanup its user associations
|
|
1
Undecided
|
Bernhard M. Wiedemann
|
10
Fix Released
|
980277
|
#980277 |
Live LDAP tests do cleanup no_meta user
|
|
1
Undecided
|
|
10
Fix Released
|
992918
|
#992918 |
ValueError: rounds too low (sha512_crypt requires >= 1000 rounds)
|
|
1
Undecided
|
Johannes Erdfelt
|
10
Fix Released
|
994481
|
#994481 |
admin login in pam backend fails
|
|
1
Undecided
|
Bernhard M. Wiedemann
|
10
Fix Released
|
1013441
|
#1013441 |
Reorder imports by full import path
|
|
1
Undecided
|
Zhongyue Luo
|
10
Fix Released
|
1014845
|
#1014845 |
keystoneclient requires unittest2 for production install
|
|
1
Undecided
|
Ken Thomas
|
10
Fix Released
|
1016056
|
#1016056 |
EC2 credentials not migrated from legacy (diablo) database
|
|
1
Undecided
|
|
10
Fix Released
|
1017554
|
#1017554 |
Provision certificates for Keystone install
|
|
1
Undecided
|
Adam Young
|
10
Fix Released
|
1020182
|
#1020182 |
Reorder test imports by full import path
|
|
1
Undecided
|
Zhongyue Luo
|
10
Fix Released
|
1020613
|
#1020613 |
iso8601 is required by default on keystone
|
|
1
Undecided
|
Chmouel Boudjnah
|
10
Fix Released
|
1021508
|
#1021508 |
pep8 not being ran for tests
|
|
1
Undecided
|
Rafael Durán Castañeda
|
10
Fix Released
|
1022411
|
#1022411 |
500 Returned when trying to PUT /users/<USER_ID>/enabled
|
|
1
Undecided
|
Jay Pipes
|
10
Fix Released
|
1022575
|
#1022575 |
pep8 tests failing for tests/*py
|
|
1
Undecided
|
Derek Higgins
|
10
Fix Released
|
1030912
|
#1030912 |
auth_token middleware fails to fetch CA Cert
|
|
1
Undecided
|
Adam Young
|
10
Fix Released
|
1046023
|
#1046023 |
PKI Token should not store token body in the backend
|
|
1
Undecided
|
Adam Young
|
10
Fix Released
|