Public bug reported:
We enabled [security_compliance] in our environment to follow Security
compliance and PCI-DSS requirements, and here is our configuration:
[security_compliance]
lockout_failure_attempts = 3
lockout_duration = 60
My account will be get locked after 3 failure logins, then I tried to
re-login, I got 401 which is Unauthorized instead of AccountLocked as
what we expected.
{
"error": {
"code": 401,
"message": "The request you have made requires authentication.",
"title": "Unauthorized"
}
}
** Affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/2049559
Title:
Keysont implements "AccountLocked" but returns "Unauthorized"
Status in OpenStack Identity (keystone):
New
Bug description:
We enabled [security_compliance] in our environment to follow Security
compliance and PCI-DSS requirements, and here is our configuration:
[security_compliance]
lockout_failure_attempts = 3
lockout_duration = 60
My account will be get locked after 3 failure logins, then I tried to
re-login, I got 401 which is Unauthorized instead of AccountLocked as
what we expected.
{
"error": {
"code": 401,
"message": "The request you have made requires authentication.",
"title": "Unauthorized"
}
}
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2049559/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
