Bug #7453
Authentication to keystone using rgw_keystone_admin_* failed
0%
Description
If you supply rgw_keystone_admin_user and rgw_keystone_admin_password ... instead of supplying "rgw_keystone_admin_token" (which of course is the correct way to do it, token expires after all :)), the radosgw need to send a request to keystone to convert this credentials to a token, but this call fail.
In detail the problems are the following:
1- To get a token from credential we need to send a POST request to v2/tokens not a GET.
2- We should specify that the content is JSON i.e. content-type : application/json
3- The JSON body was not correctly generated, the current code generate
{
"passwordCredentials": {
"username":"***",
"password": "***"
},
"tenantName":"**"
}
Instead of the correct JSON which is
{
"auth":{
"passwordCredentials": {
"username":"***",
"password": "***"
},
"tenantName":"**"
}
}
I have include a diff of how we workaround it to make it work.
History
#1 Updated by Ian Colle about 10 years ago
- Assignee set to Yehuda Sadeh
#2 Updated by Yehuda Sadeh about 10 years ago
Fix looks fine to me. Can you sign-off it?
#3 Updated by Mouad Ben about 10 years ago
New signed off patch
#4 Updated by Yehuda Sadeh about 10 years ago
- Status changed from New to Pending Backport
Pushed, commit:5fb90a2f6dd5b31634efc748a977924dbdbebcb9
#5 Updated by Yehuda Sadeh about 10 years ago
- Backport set to dumpling
#6 Updated by Yehuda Sadeh about 10 years ago
- Status changed from Pending Backport to Resolved
- Backport deleted (
dumpling)
actually, seems that the original code is post dumpling.