On Dec 27, 2012, at 4:13 PM, Julie Pichon wrote: > I've seen something similar when the keystone default role defined in Horizon > doesn't actually exist in Keystone. The guide you link to suggests changing > the default role in Horizon to match the OS_TENANT_NAME environment variable. > Could you check that the value of OPENSTACK_KEYSTONE_DEFAULT_ROLE in > /etc/openstack-dashboard/local_settings matches one of the role names in the > output of 'keystone role-list'?
Hey, It is just Dashboard that seems to have the problem. I guess there is something strange with users and roles going on... /etc/openstack-dashboard/local_settings OPENSTACK_HOST = "controller" OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0"; % OPENSTACK_HOST OPENSTACK_KEYSTONE_DEFAULT_ROLE = "admin" ##Logging is not very verbose.. [root@controller nova]# cat /var/log/keystone/keystone.log 2012-12-20 13:54:48 WARNING [keystone.common.wsgi] Conflict occurred attempting to store tenant. (IntegrityError) (1062, "Duplicate entry 'admin' for key 'name'") 2012-12-20 17:08:26 WARNING [keystone.common.wsgi] Could not find user: admin 2012-12-27 11:52:36 WARNING [keystone.common.wsgi] Authorization failed. The request you have made requires authentication. from 127.0.0.1 [root@controller nova]# keystone tenant-list +----------------------------------+----------------+---------+ | id | name | enabled | +----------------------------------+----------------+---------+ | 0c512648e33844cea8f957a37d5525e5 | widget-company | True | | 60d672952f1b4917b90cf6821de24742 | admin | True | | bceb80c7104e475aab4b60786320a86f | service | True | +----------------------------------+----------------+---------+ [root@controller nova]# keystone user-list +----------------------------------+--------+---------+-----------------------+ | id | name | enabled | email | +----------------------------------+--------+---------+-----------------------+ | 14791fc4ee364f7aa35cd8df3211dc2c | ec2 | True | None | | 5387b83db7d14ca8843a3b16e68fc2ca | swift | True | None | | 6a2593f0867c478bb2ece460226c3ce2 | admin | True | None | | 784701dc5dfe41a7811f7261d8345a9a | andrew | True | a.hol...@syseleven.de | | 89876a05f18c4d049a90ff6a863ce7c6 | nova | True | None | | bac2b9234ced458481733f98b0dacaa2 | glance | True | None | +----------------------------------+--------+---------+-----------------------+ [root@controller nova]# keystone tenant-list +----------------------------------+----------------+---------+ | id | name | enabled | +----------------------------------+----------------+---------+ | 0c512648e33844cea8f957a37d5525e5 | widget-company | True | | 60d672952f1b4917b90cf6821de24742 | admin | True | | bceb80c7104e475aab4b60786320a86f | service | True | +----------------------------------+----------------+---------+ [root@controller nova]# keystone role-list +----------------------------------+------------+ | id | name | +----------------------------------+------------+ | 64139d1b94214e20976489861da50bf1 | memberRole | | bf2b003aaf7a424b967ed209a6c57215 | admin | +----------------------------------+------------+ [root@controller nova]# keystone user-role-list +----------------------------------+-------+----------------------------------+----------------------------------+ | id | name | user_id | tenant_id | +----------------------------------+-------+----------------------------------+----------------------------------+ | bf2b003aaf7a424b967ed209a6c57215 | admin | 6a2593f0867c478bb2ece460226c3ce2 | 60d672952f1b4917b90cf6821de24742 | +----------------------------------+-------+----------------------------------+----------------------------------+ _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
