*** This bug is a duplicate of bug 1435530 ***
https://bugs.launchpad.net/bugs/1435530
** This bug is no longer a duplicate of bug 1434034
Disabling users & groups may not invalidate previously-issued tokens
** This bug has been marked a duplicate of bug 1435530
keystonemiddleware without TRL checking and default cache config can allow
access after token revocation
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1432892
Title:
When validating a trust scoped token, raise 404 instead of 403 if
trustor is disabled
Status in Keystone:
Triaged
Bug description:
Any validation error that occurs when checking a token should be
caught and re-raised as 404 NotFound (TokenNotFound), as we currently
do for v2 tokens [1].
For example, when validating a trust scoped token with disabled
trustor, a 403 Forbidden exception with message 'Trustor is disabled.'
is raised. This exception is appropriate when issuing tokens, but not
when validating them.
[1]
https://github.com/openstack/keystone/blob/25d742ada803d8501e7c004242a625efd07fcaf6/keystone/token/providers/common.py#L618-L620
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1432892/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
