1488208
|
#1488208 |
Revoking a role assignment revokes unscoped tokens too
|
|
4
Medium
|
Dolph Mathews
|
4
Won't Fix
|
1287757
|
#1287757 |
Optimization: Don't prune events on every get
|
|
3
High
|
Morgan Fainberg
|
10
Fix Released
|
1454309
|
#1454309 |
Keystone v3 user/tenant lookup by name via OpenStack CLI client fails
|
|
3
High
|
Dolph Mathews
|
10
Fix Released
|
1459382
|
#1459382 |
Fernet tokens can fail with LDAP identity backends
|
|
3
High
|
Dolph Mathews
|
10
Fix Released
|
1465444
|
#1465444 |
Fernet key rotation removing keys early
|
|
3
High
|
Dolph Mathews
|
10
Fix Released
|
1469563
|
#1469563 |
Fernet tokens do not maintain expires time across rescope (V2 tokens)
|
|
3
High
|
Dolph Mathews
|
10
Fix Released
|
1483382
|
#1483382 |
Able to request a V2 token for user and project in a non-default domain
|
|
3
High
|
Dolph Mathews
|
10
Fix Released
|
1490804
|
#1490804 |
[OSSA 2016-005] PKI Token Revocation Bypass (CVE-2015-7546)
|
|
3
High
|
|
10
Fix Released
|
1497461
|
#1497461 |
Fernet tokens fail for some users with LDAP identity backend
|
|
3
High
|
Eric Brown
|
10
Fix Released
|
1448286
|
#1448286 |
unicode query string raises UnicodeEncodeError
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
1454968
|
#1454968 |
hard to understand the uri printed in the log
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
1459790
|
#1459790 |
With fernet tokens, validate token loses the ms on 'expires' value
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
1468000
|
#1468000 |
Group lookup by name in LDAP via v3 fails
|
|
4
Medium
|
Brant Knudson
|
10
Fix Released
|
1475762
|
#1475762 |
v3 tokens with references outside the default domain can be validated on v2
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
1477600
|
#1477600 |
Token Validation API returns 401 not 404 on invalid fernet token
|
|
4
Medium
|
Dolph Mathews
|
10
Fix Released
|
1479943
|
#1479943 |
XmlBodyMiddleware stubs break existing configs
|
|
4
Medium
|
Tim Burke
|
10
Fix Released
|
1515485
|
#1515485 |
Heat CFN signals do not pass authorization
|
|
4
Medium
|
|
10
Fix Released
|
1452418
|
#1452418 |
Fernet tokens read from disk on every request
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
1471967
|
#1471967 |
Fernet unit tests do not test persistence logic
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
1478656
|
#1478656 |
Non-numeric filenames in key_repository will make Keystone explode
|
|
5
Low
|
Dolph Mathews
|
10
Fix Released
|
1401926
|
#1401926 |
Role revocation invalidates tokens on all user projects
|
|
1
Undecided
|
|
10
Fix Released
|
1402760
|
#1402760 |
All user tokens are considered revoked on it's group role revocation
|
|
1
Undecided
|
|
10
Fix Released
|
1442787
|
#1442787 |
Mapping openstack_user attribute in k2k assertions with different domains
|
|
1
Undecided
|
|
10
Fix Released
|
1464377
|
#1464377 |
Keystone v2.0 api accepts tokens deleted with v3 api
|
|
1
Undecided
|
|
10
Fix Released
|
1469029
|
#1469029 |
Migrations fail going from juno -> kilo
|
|
1
Undecided
|
|
10
Fix Released
|
1485035
|
#1485035 |
cadf payload doesn't have initiator for v2 calls
|
|
1
Undecided
|
|
10
Fix Released
|
1487115
|
#1487115 |
Ephemeral user's id is not always urlsafe
|
|
1
Undecided
|
|
10
Fix Released
|
1487937
|
#1487937 |
IndexError if federation mapping doesn't match anything
|
|
1
Undecided
|
|
10
Fix Released
|
1515302
|
#1515302 |
Group membership attribute is hard-coded when using 'user_enable_emulation'
|
|
1
Undecided
|
|
10
Fix Released
|