https://bugs.launchpad.net/keystone/+bug/1662762
I ran into this with an install of Ocata on ubuntu from packages (not using fuel). It sounds like you might be hitting this same issue. I was able to resolve it by grabbing core.py from the Ocata version of the fix for this bug and dropping it in place. Hope that helps. Kind regards, -Chris > On Apr 20, 2017, at 7:47 AM, Gregory Orange <gregory.ora...@pawsey.org.au> > wrote: > > I should have said: This is on OpenStack Ocata, deployed with Fuel. > >> On 20/4/17 2:41 pm, Gregory Orange wrote: >> We have configured Keystone for LDAP authentication via the >> domain_specific_drivers_enabled setting and a file keystone.<domain>.conf, >> and by tcpdump and LDAP server logs it appears to be working to some degree. >> That is, if the wrong credentials are entered, the response says so. However >> with the correct credentials, we get: >> >> "An error occurred authenticating. Please try again later." >> >> I'm not sure which of the numerous log entries to post (especially with >> various debug options enabled), but this seems relevant: >> >> 2017-04-20T06:00:09.845090+00:00 node-60 keystone-public: 2017-04-20 >> 06:00:09.822 17411 ERROR keystone.common.wsgi >> [req-12ca87a2-d790-4397-b703-7ff6ef11fcd1 - - - - -] 'options' >> 2017-04-20 06:00:09.822 17411 ERROR keystone.common.wsgi Traceback (most >> recent call last): >> 2017-04-20 06:00:09.822 17411 ERROR keystone.common.wsgi File >> "/usr/lib/python2.7/dist-packages/keystone/common/wsgi.py", line 228, in >> __call__ >> 2017-04-20 06:00:09.822 17411 ERROR keystone.common.wsgi result = >> method(req, **params) >> 2017-04-20 06:00:09.822 17411 ERROR keystone.common.wsgi File >> "/usr/lib/python2.7/dist-packages/keystone/auth/controllers.py", line 132, >> in authenticate_for_token >> 2017-04-20 06:00:09.822 17411 ERROR keystone.common.wsgi >> auth_context['user_id'], method_names_set): >> 2017-04-20 06:00:09.822 17411 ERROR keystone.common.wsgi File >> "/usr/lib/python2.7/dist-packages/keystone/auth/core.py", line 377, in >> check_auth_methods_against_rules >> 2017-04-20 06:00:09.822 17411 ERROR keystone.common.wsgi mfa_rules = >> user_ref['options'].get(ro.MFA_RULES_OPT.option_name, []) >> 2017-04-20 06:00:09.822 17411 ERROR keystone.common.wsgi KeyError: 'options' >> >> I haven't had much luck tracing through those Python files - I can't even >> see how they relate to each other which suggests they are using function >> calls from includes and I haven't traced that deeply. >> >> Can anyone help shed light on this? > > _______________________________________________ > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack@lists.openstack.org > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack