[Openstack-devel] Bug#694433: user no longer a member of a tenant still can use EC2 token
Thomas Goirand
zigo at debian.org
Mon Nov 26 13:01:02 UTC 2012
Package: keystone
Version: 2012.1.1-10
Severity: grave
As per the github commit:
https://github.com/openstack/keystone/commit/8735009dc5b895db265a1cd573f39f4acfca2a19
It is possible that a user is no longer a member of a tenant when
they attempt to use an ec2 token. This checks to make sure that
the user still has at least one valid role in the tenant before
authenticating them. This should automatically work for the s3
version as well since it is a subclass.
I'm ATM working on uploading the fix.
Cheers,
Thomas Goirand (zigo)
More information about the Openstack-devel
mailing list