Bug 1126869 - Enumerate Projects with Unscoped Tokens
Summary: Enumerate Projects with Unscoped Tokens
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: python-keystoneclient
Version: 5.0 (RHEL 6)
Hardware: Unspecified
OS: Unspecified
Target Milestone: z5
: 6.0 (Juno)
Assignee: Adam Young
QA Contact: Rodrigo Duarte
Depends On:
Blocks: 1126594
TreeView+ depends on / blocked
Reported: 2014-08-05 13:40 UTC by Nathan Kinder
Modified: 2016-04-26 18:06 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Clone Of:
Last Closed: 2016-03-18 17:20:07 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
OpenStack gerrit 106838 0 None None None Never

Description Nathan Kinder 2014-08-05 13:40:19 UTC
Creating a client with a session using an Unscoped tokens needs to set auth
info in client.  This Auth Info is necessary in order to enumerate
projects.  This is the standard login path for Horizon.

Comment 3 Nathan Kinder 2015-12-10 19:49:05 UTC
This is addressed in the upstream 0.11.2 release of python-keystoneclient.  We currently ship 0.11.1 in OSP6.  We should rebase to 0.11.2

Comment 5 Adam Young 2015-12-11 19:36:58 UTC
To verify, you need an unscoped token.  This can be done either by removing the default project ID for a user or by using the LDAP backend.  Do not set the OS_PROJECT_ID or OS_PROJECT_NAME variables either.

The CLI call `openstack project list` should be sufficient.  It should succeed with an unscoped token and list the project for the user.

Comment 6 Adam Young 2016-03-18 17:20:07 UTC
This is not tied to a customer, and is not a problem in the version of Horizon that was reported.  This is, instead, a feature that was under development at the time that has been merged upstream.

Note You need to log in before you can comment on or make changes to this bug.