Hi
I am testing the feasibility of federated token to access another federated
resource.
For this purpos, I setup three devstack kilo instances as:
kilo1 (IdP) - kilo2 (SP / IdP) - kilo3 (SP)
1. get a federated scoped token for a project in kilo2.
2. using this federated token, get federated scoped token for a project in
kilo3.
I get 500 internal server error from kilo2.
If I remove service provider in kilo2 (registered for kilo3), i can get
federated scoped token.
So far I know for issuing v3 token, the error is within webob
python /usr/local/lib/python2.7/dist-packages/webob/dec.py while
authenticating the
token in /keystone/auth/controllers.py. the following link is the stack
trace:
http://paste.openstack.org/show/422584/
The issue is when a SP is setup to be idp as well service provider (for
kilo3) in kilo2, then i get http 500 internal server error.
The response unscoped token from kilo2 is the following link:
http://paste.openstack.org/show/412951/
I wanted to know if somebody tested similar scenarios or had similar issues.
Thanks for your response
-Navid Pustchi
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
