As a non admin user. Querying the keystone v2 API is there a way for me to
get a list of the tenants that I am a member of? Or is that only a v3
thing?
-Matt
___
Mailing list: https://launchpad.net/~openstack
Post to :
On 07/17/2012 03:47 PM, Matt Joyce wrote:
As a non admin user. Querying the keystone v2 API is there a way for
me to get a list of the tenants that I am a member of? Or is that
only a v3 thing?
-Matt
I was just looking into it, and there is no such API yet. The
underlying Identity
On Tue, Jul 17, 2012 at 12:55 PM, Adam Young ayo...@redhat.com wrote:
On 07/17/2012 03:47 PM, Matt Joyce wrote:
As a non admin user. Querying the keystone v2 API is there a way for me
to get a list of the tenants that I am a member of? Or is that only a v3
thing?
-Matt
I was just
On 07/17/2012 03:55 PM, Matt Joyce wrote:
On Tue, Jul 17, 2012 at 12:55 PM, Adam Young ayo...@redhat.com
mailto:ayo...@redhat.com wrote:
On 07/17/2012 03:47 PM, Matt Joyce wrote:
As a non admin user. Querying the keystone v2 API is there a
way for me to get a list of the
curl -H X-Auth-Token:123456789001234 http://localhost:5000/v2.0/tenants
that seems to do the trick for me for now.
On Tue, Jul 17, 2012 at 1:03 PM, Adam Young ayo...@redhat.com wrote:
On 07/17/2012 03:55 PM, Matt Joyce wrote:
On Tue, Jul 17, 2012 at 12:55 PM, Adam Young ayo...@redhat.com
On 07/17/2012 04:05 PM, Matt Joyce wrote:
curl -H X-Auth-Token:123456789001234http://localhost:5000/v2.0/tenants
that seems to do the trick for me for now.
Ah, I see that is hooked up to: get_tenants_for_token, I was looking
for the wrong API. That then calls: tenant_ids =
Adam speaks lies ;)
Here's a regular user requesting a list of tenants on port 5000 (notice
they only get back 1 tenant):
GET http://localhost:5000/v2.0/tenants
==
X-Auth-Token: a6094f62e38c4fafa57e6edf7bd04961
200 OK
==
Status: 200
Content-Length: 133
Anyone by any chance know how to read out the auth_token or raw_token that
is acquired in keystoneclient when it performs a client.Client()
Authenticate?
I'd love to be able to read that. And it's totally not documented anywhere
if it exists.
-Matt
On Tue, Jul 17, 2012 at 2:19 PM, Matt Joyce
Not sure if it's documented outside of tests, but: *
client.Client().auth_token*
from keystoneclient.v2_0 import client
c = client.Client(auth_url='http://localhost:5000/v2.0/',
username='joe', password='secrete', tenant_name='project-x')
print c.auth_token
ec04fe9e554a43d1a853e6c665f3e9b2
On 07/17/2012 06:06 PM, Matt Joyce wrote:
Anyone by any chance know how to read out the auth_token or raw_token
that is acquired in keystoneclient when it performs a client.Client()
Authenticate?
The token is just a UUID, randomly generated.
In the PKI proposal, it is a base64 encoding of a
Replied inline.
On Thu, May 3, 2012 at 3:23 PM, Luis Gervaso l...@woorea.es wrote:
Yes, this is the real issue.
Since /tenants is only valid for the current user (that's X-Auth-Token
dependant)
Correct.
How can an administrator user list all the tenants a user belongs to?
In the
*Subject:* Re: [Openstack] Keystone API question
** **
Yes, this is the real issue.
** **
Since /tenants is only valid for the current user (that's X-Auth-Token
dependant)
** **
How can an administrator user list all the tenants a user belongs to?
** **
Another issue
-bounces+gabriel.hurley=nebula@lists.launchpad.net[mailto:
openstack-bounces+gabriel.hurley=nebula@lists.launchpad.net] *On
Behalf Of *Luis Gervaso
*Sent:* Thursday, May 03, 2012 1:24 PM
*To:* Everett Toews
*Cc:* openstack@lists.launchpad.net
*Subject:* Re: [Openstack] Keystone API question
On 05/03/2012 12:06 AM, Luis Gervaso wrote:
This is what i get.
1 GET
http://192.168.1.41:35357/v2.0/users/ef1e63df85b641d7bf3c575bb8670cef/roles
1 X-Auth-Token: secret0
2012-05-03 00:03:55,337 [http-bio-8080-exec-10] INFO api.identity -
2 * LoggingFilter - Response received on thread
The philosophy in essex is that it's meaningless for a user to have a role
without that role being applied to a tenant, so the call that's implemented
is:
GET /tenants/{tenant_id}/users/{user_id}/roles
Calling this instead should get you an HTTP 501 stating User roles not
supported: tenant
I get the same as Luis when trying GET /users/{user_id}/roles on
stable/essex (using devstack). Keystone spits back an
AttributeError: 'UserController' object has no attribute 'get_user_roles'
message instead of a nice 501.
GET /tenants/{tenant_id}/users/{user_id}/roles works fine. For a bit
Yes, this is the real issue.
Since /tenants is only valid for the current user (that's X-Auth-Token
dependant)
How can an administrator user list all the tenants a user belongs to?
Another issue i've detected is that endpoints are always dependant on a
service,
may be i'm wrong but for me:
@lists.launchpad.net] On
Behalf Of Luis Gervaso
Sent: Thursday, May 03, 2012 1:24 PM
To: Everett Toews
Cc: openstack@lists.launchpad.net
Subject: Re: [Openstack] Keystone API question
Yes, this is the real issue.
Since /tenants is only valid for the current user (that's X-Auth-Token
dependant)
How can
Toews
*Cc:* openstack@lists.launchpad.net
*Subject:* Re: [Openstack] Keystone API question
** **
Yes, this is the real issue.
** **
Since /tenants is only valid for the current user (that's X-Auth-Token
dependant)
** **
How can an administrator user list all the tenants
Hi,
In Diablo was:
GET /users/{user_id}/roleRefs
In Essex it is maintained for compatibility reasons. I understand that this
is the obsolete now.
I can find:
PUT DELETE /users/{user_id}/roles/OS-KSADM/{role_id}
How can get all the roles having a user_id?
GET /users/{user_id}/roles (i can't
This is what i get.
1 GET
http://192.168.1.41:35357/v2.0/users/ef1e63df85b641d7bf3c575bb8670cef/roles
1 X-Auth-Token: secret0
2012-05-03 00:03:55,337 [http-bio-8080-exec-10] INFO api.identity - 2 *
LoggingFilter - Response received on thread http-bio-8080-exec-10
2 500
2 Connection: close
21 matches
Mail list logo