Bug #5374
closedAvoid relying on keystone's admin token
0%
Description
The current Keystone integration requires knowledge of the keystone admin token. The keystone admin token is for Keystone's own use and for administrative use to create the initial, genuine Keystone users.
The correct way to integrate with Keystone is to create a user for Ceph to allow it to authenticate tokens. When starting up, the username/tenant/password is used to get a token from Keystone. This token is the used instead of the admin token.
Updated by Christophe Courtaut almost 11 years ago
A pull request has been made for this issue https://github.com/ceph/ceph/pull/392
Might need testing.
Updated by Christophe Courtaut almost 11 years ago
The patch above needs review.
Please change ticket status.
Updated by Christophe Courtaut almost 11 years ago
This issue need update has a fix has been merged.
Updated by Yehuda Sadeh almost 11 years ago
actually, it's not merged yet. I still need to complete the review on it, hopefully I can get that done soon.
Updated by Ian Colle over 10 years ago
- Status changed from New to Fix Under Review
- Assignee set to Yehuda Sadeh
Updated by Yehuda Sadeh over 10 years ago
I rebased wip-5374 again, went over it. Almost there but not quite yet, will get there soon.
Updated by Sage Weil over 10 years ago
- Assignee changed from Yehuda Sadeh to Christophe Courtaut
Updated by Christophe Courtaut over 10 years ago
What is missing to close this issue?
Updated by Yehuda Sadeh over 10 years ago
Mainly needs to be brought up to date with current code base.
Updated by Yehuda Sadeh over 10 years ago
- Status changed from Fix Under Review to Resolved
Merged, commit:b20d1bf33bdf6ed25ef9bb37afc3890282ece6d4