Re: [openstack-dev] [Keystone] Token invalidation in deleting role assignments

2014-06-25 Thread Takashi Natsume
12:11 AM To: OpenStack Development Mailing List (not for usage questions) Subject: Re: [openstack-dev] [Keystone] Token invalidation in deleting role assignments This is a known limitation of the token backend and the token revocation list: we don't index tokens in the backend by roles (a

Re: [openstack-dev] [Keystone] Token invalidation in deleting role assignments

2014-06-25 Thread Dolph Mathews
This is a known limitation of the token backend and the token revocation list: we don't index tokens in the backend by roles (and we don't want to iterate the token table to find matching tokens). However, if we land support for token revocation events [1] in the auth_token [2] middleware, we'll b

[openstack-dev] [Keystone] Token invalidation in deleting role assignments

2014-06-24 Thread Takashi Natsume
Hi all, When deleting role assignments, not only tokens that are related to the deleted role assignments but also other tokens that the (same) user has are invalidated in stable/icehouse (2014.1.1). For example, A) Role assignment between domain and user by OS-INHERIT(*1) 1. Assign a role(For example