Looks like a valid bug to me -- this code just merged a week ago. How did you create the token? I'm guessing it was generated by v2 and utilized here on v3?
-Dolph On Fri, Mar 1, 2013 at 5:03 PM, Miller, Mark M (EB SW Cloud - R&D - Corvallis) <mark.m.mil...@hp.com> wrote: > Hello,**** > > ** ** > > In trying to understand the Keystone Grizzly-3 release, I decided to add a > service via a REST API call using an admin user’s token instead of the > admin token found in keystone.conf. When I do I get error:**** > > ** ** > > ** ** > > Traceback (most recent call last):**** > > File > "/usr/local/lib/python2.7/dist-packages/keystone-2013.1.g3-py2.7.egg/keystone/common/wsgi.py", > line 231, in __call__**** > > result = method(context, **params)**** > > File > "/usr/local/lib/python2.7/dist-packages/keystone-2013.1.g3-py2.7.egg/keystone/common/controller.py", > line 66, in wrapper**** > > context, kwargs)**** > > File > "/usr/local/lib/python2.7/dist-packages/keystone-2013.1.g3-py2.7.egg/keystone/common/controller.py", > line 32, in _build_policy_check_credentials**** > > token_data = token_ref['token_data']**** > > KeyError: 'token_data'**** > > (access): 2013-03-01 13:53:26,754 INFO 15.253.58.148 - - > [01/Mar/2013:21:53:26 +0000] "POST > http://15.253.58.165:35357/v3/servicesHTTP/1.0"; 500 156 > **** > > (eventlet.wsgi.server): 2013-03-01 13:53:26,755 DEBUG 15.253.58.148 - - > [01/Mar/2013 13:53:26] "POST /v3/services HTTP/1.1" 500 328 0.020434**** > > ** ** > > ** ** > > When I change line 32 in the file from “token_data = > token_ref['token_data']” to “token_data = token_ref”, the code appears to > work.**** > > ** ** > > ** ** > > def _build_policy_check_credentials(self, action, context, kwargs):**** > > ** ** > > LOG.debug(_('RBAC: Authorizing %s(%s)') % (**** > > action,**** > > ', '.join(['%s=%s' % (k, kwargs[k]) for k in kwargs])))**** > > ** ** > > try:**** > > token_ref = self.token_api.get_token(**** > > context=context, token_id=context['token_id'])**** > > except exception.TokenNotFound:**** > > LOG.warning(_('RBAC: Invalid token'))**** > > raise exception.Unauthorized()**** > > ** ** > > creds = {}**** > > ** ** > > # token_data = token_ref['token_data']**** > > token_data = token_ref**** > > ** ** > > ** ** > > So my question is do I need to have “token_data” in the token table > somehow or is this a code bug?**** > > ** ** > > Regards,**** > > > Mark Miller**** > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp > >
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
