Project

General

Profile

Bug #7453

Authentication to keystone using rgw_keystone_admin_* failed

Added by Mouad Ben about 10 years ago. Updated about 10 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Target version:
-
% Done:

0%

Source:
other
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

If you supply rgw_keystone_admin_user and rgw_keystone_admin_password ... instead of supplying "rgw_keystone_admin_token" (which of course is the correct way to do it, token expires after all :)), the radosgw need to send a request to keystone to convert this credentials to a token, but this call fail.

In detail the problems are the following:

1- To get a token from credential we need to send a POST request to v2/tokens not a GET.
2- We should specify that the content is JSON i.e. content-type : application/json
3- The JSON body was not correctly generated, the current code generate

{
"passwordCredentials": {
"username":"***",
"password": "***"
},
"tenantName":"**"
}

Instead of the correct JSON which is

{
"auth":{
"passwordCredentials": {
"username":"***",
"password": "***"
},
"tenantName":"**"
}
}

I have include a diff of how we workaround it to make it work.

fix-keystone.patch View (1.13 KB) Mouad Ben, 02/17/2014 05:35 AM

0001-Fix-generate-keystone-token-from-credentials.patch View (1.69 KB) Mouad Ben, 02/20/2014 08:11 AM

History

#1 Updated by Ian Colle about 10 years ago

  • Assignee set to Yehuda Sadeh

#2 Updated by Yehuda Sadeh about 10 years ago

Fix looks fine to me. Can you sign-off it?

#4 Updated by Yehuda Sadeh about 10 years ago

  • Status changed from New to Pending Backport

Pushed, commit:5fb90a2f6dd5b31634efc748a977924dbdbebcb9

#5 Updated by Yehuda Sadeh about 10 years ago

  • Backport set to dumpling

#6 Updated by Yehuda Sadeh about 10 years ago

  • Status changed from Pending Backport to Resolved
  • Backport deleted (dumpling)

actually, seems that the original code is post dumpling.

Also available in: Atom PDF