Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1189633

Summary: [RFE][keystone]: Scope federated token with 'token' identity method
Product: Red Hat OpenStack Reporter: RHOS Integration <rhos-integ>
Component: openstack-keystoneAssignee: Nathan Kinder <nkinder>
Status: CLOSED ERRATA QA Contact: yeylon <yeylon>
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: ayoung, markmc, nbarcet, srevivo, ssainkar, yeylon
Target Milestone: Upstream M2Keywords: FutureFeature, OtherQA
Target Release: 7.0 (Kilo)   
Hardware: Unspecified   
OS: Unspecified   
URL: https://blueprints.launchpad.net/keystone/+spec/federation-token-scoping
Whiteboard: upstream_milestone_kilo-2 upstream_definition_approved upstream_status_implemented
Fixed In Version: openstack-keystone-2015.1.0-1.el7ost Doc Type: Enhancement
Doc Text:
The Identity service now allows unscoped federation tokens to be used to obtain a scoped token using the 'token' authentication method. When using the Identity service's federation extension, an unscoped federation token is returned as a result of the initial authentication. This is then exchanged for a scoped token. An unscoped federation token previously had to use the 'saml2' or 'mapped' authentication to obtain a scoped token. This is inconsistent with the method used to exchanging a regular unscoped token for a scoped token, which uses the 'token' method. Exchanging an unscoped federation token for a scoped token now uses the 'token' authentication method, which is consistent with the regular unscoped token behavior.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2015-08-05 13:20:21 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description RHOS Integration 2015-02-05 14:17:12 UTC 
Cloned from launchpad blueprint https://blueprints.launchpad.net/keystone/+spec/federation-token-scoping.

Description:

see spec for details: http://specs.openstack.org/openstack/keystone-specs/specs/kilo/federation-token-scoping.html

Specification URL (additional information):

http://specs.openstack.org/openstack/keystone-specs/specs/kilo/federation-token-scoping.html
Comment 8 errata-xmlrpc 2015-08-05 13:20:21 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2015:1548