[Yahoo-eng-team] [Bug 1253484] Re: external authentication v2 and v3 mismatch

Wed, 22 Jan 2014 07:59:58 -0800 

** Changed in: keystone
       Status: Fix Committed => Fix Released

** Changed in: keystone
    Milestone: None => icehouse-2

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1253484

Title:
  external authentication v2 and v3 mismatch

Status in OpenStack Identity (Keystone):
  Fix Released

Bug description:
  This is regarding external auth handling between v2 and v3.

  I want to write an external auth handler that supports email addresses
  as user names and works with both v2 and v3. It has to set REMOTE_USER
  to something. My users are named like b...@acm.org, and domain is just
  the default.

  External auth handling for v2 doesn't do anything with @ [0]. So I'd
  set the REMOTE_USER to b...@acm.org and it'll work with v2, but
  b...@acm.org@default will not work.

  External auth handling for v3 with the Default external auth handler
  removes everything after first @ [1]. So I'd set the REMOTE_USER to
  b...@acm.org@domain and it'll work, but b...@acm.org doesn't.

  ExternalDefault external auth handler requires @ [2]. So I'd set the
  REMOTE_USER to b...@acm.org@domain, but b...@acm.org doesn't.

  So to summarize, v2 will work with b...@acm.org, but v3 doesn't. V3
  will work with b...@acm.org@domain but that doesn't work with v2.

  So I'm not sure how an external auth handler is supposed to be written
  that supports email addresses and both v2 and v3 auth.

  [0]
  
http://git.openstack.org/cgit/openstack/keystone/tree/keystone/token/controllers.py?id=2ab2c624353067ba0989720414e5cde2d4792bcc#n290

  [1]
  
http://git.openstack.org/cgit/openstack/keystone/tree/keystone/auth/plugins/external.py?id=2ab2c624353067ba0989720414e5cde2d4792bcc#n70

  [2]
  
http://git.openstack.org/cgit/openstack/keystone/tree/keystone/auth/plugins/external.py?id=2ab2c624353067ba0989720414e5cde2d4792bcc#n86

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1253484/+subscriptions

-- 
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to     : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help   : https://help.launchpad.net/ListHelp

Reply via email to