You are correct. I am trying to see if our previous code built around v2.0 works with v3. I have been using the v3 REST APIs to put entries into the keystone database and then am running my regression tests using v2.0 REST calls. We will be moving fully to v3, but for now I have a lot of people asking about compatibility.
Mark From: Dolph Mathews [mailto:dolph.math...@gmail.com] Sent: Friday, March 01, 2013 4:46 PM To: Miller, Mark M (EB SW Cloud - R&D - Corvallis) Cc: openstack@lists.launchpad.net (openstack@lists.launchpad.net); Yee, Guang Subject: Re: [Openstack] Possible keystone/common/controller.py Token Bug Looks like a valid bug to me -- this code just merged a week ago. How did you create the token? I'm guessing it was generated by v2 and utilized here on v3? -Dolph On Fri, Mar 1, 2013 at 5:03 PM, Miller, Mark M (EB SW Cloud - R&D - Corvallis) <mark.m.mil...@hp.com<mailto:mark.m.mil...@hp.com>> wrote: Hello, In trying to understand the Keystone Grizzly-3 release, I decided to add a service via a REST API call using an admin user's token instead of the admin token found in keystone.conf. When I do I get error: Traceback (most recent call last): File "/usr/local/lib/python2.7/dist-packages/keystone-2013.1.g3-py2.7.egg/keystone/common/wsgi.py", line 231, in __call__ result = method(context, **params) File "/usr/local/lib/python2.7/dist-packages/keystone-2013.1.g3-py2.7.egg/keystone/common/controller.py", line 66, in wrapper context, kwargs) File "/usr/local/lib/python2.7/dist-packages/keystone-2013.1.g3-py2.7.egg/keystone/common/controller.py", line 32, in _build_policy_check_credentials token_data = token_ref['token_data'] KeyError: 'token_data' (access): 2013-03-01 13:53:26,754 INFO 15.253.58.148 - - [01/Mar/2013:21:53:26 +0000] "POST http://15.253.58.165:35357/v3/services HTTP/1.0" 500 156 (eventlet.wsgi.server): 2013-03-01 13:53:26,755 DEBUG 15.253.58.148 - - [01/Mar/2013 13:53:26] "POST /v3/services HTTP/1.1" 500 328 0.020434 When I change line 32 in the file from "token_data = token_ref['token_data']" to "token_data = token_ref", the code appears to work. def _build_policy_check_credentials(self, action, context, kwargs): LOG.debug(_('RBAC: Authorizing %s(%s)') % ( action, ', '.join(['%s=%s' % (k, kwargs[k]) for k in kwargs]))) try: token_ref = self.token_api.get_token( context=context, token_id=context['token_id']) except exception.TokenNotFound: LOG.warning(_('RBAC: Invalid token')) raise exception.Unauthorized() creds = {} # token_data = token_ref['token_data'] token_data = token_ref So my question is do I need to have "token_data" in the token table somehow or is this a code bug? Regards, Mark Miller _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net<mailto:openstack@lists.launchpad.net> Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
