Bug 1268056 - [RFE] Request for keystone V3 support with RadosGW
Summary: [RFE] Request for keystone V3 support with RadosGW
Alias: None
Product: Red Hat Ceph Storage
Classification: Red Hat
Component: RGW
Version: 1.2.3
Hardware: Unspecified
OS: Linux
Target Milestone: rc
: 2.0
Assignee: Matt Benjamin (redhat)
QA Contact: shilpa
Bara Ancincova
: 1259258 1274082 1335963 (view as bug list)
Depends On:
Blocks: 1322504 1335963
TreeView+ depends on / blocked
Reported: 2015-10-01 17:12 UTC by Mike Hackett
Modified: 2019-11-14 07:01 UTC (History)
17 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
.Keystone 3 authentication is now supported Red Hat Ceph Storage now supports OpenStack Keystone 3 authentication. As a result, users can use Keystone 3 to authenticate to the Ceph Object Gateway. For details, see the https://access.redhat.com/documentation/en/red-hat-ceph-storage/2/single/using-keystone-to-authenticate-ceph-object-gateway-users[Using Keystone to Authenticate Ceph Object Gateway Users] guide.
Clone Of:
: 1335963 (view as bug list)
Last Closed: 2016-08-23 19:27:58 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Ceph Project Bug Tracker 8052 0 None None None Never
Ceph Project Bug Tracker 13303 0 None None None Never
Red Hat Bugzilla 1259258 0 medium CLOSED [RFE] Enable OpenStack Keystone version 3 support in RHCS 2021-02-22 00:41:40 UTC
Red Hat Product Errata RHBA-2016:1755 0 normal SHIPPED_LIVE Red Hat Ceph Storage 2.0 bug fix and enhancement update 2016-08-23 23:23:52 UTC

Internal Links: 1259258

Description Mike Hackett 2015-10-01 17:12:35 UTC
1. Proposed title of this feature request  
   Request for keystone V3 support with RadosGW

2. Who is the customer behind the request? Daniel van der Ster
    Account: National College of Ireland / Nci
    Account #: 	846298
    TAM customer: no
    SRM customer: no  
    Strategic: no  
    3. What is the nature and description of the request?  
Would like integration between RadosGW and Keystone V3
    4. Why does the customer need this? 
Keystone can now support more rational user authentication protocols and deals with the concept of domains much better, service accounts now stay in an sql backed 'default' domain and multiple domains and protocols are now supported (ldap, saml, openid, adfs). non-default users are stored in an id_mapping table in the keystone database, with a userid that contains a domain id - keystone version 2  cannot decipher these tokens and therefore radosgw cannot see that the user has an acceptable role (Member, swiftoperator etc.)

    5. Is there already an existing RFE upstream or in Red Hat Bugzilla?  

   6. Is the sales team involved in this request and do they have any additional input?  
    7. List any affected packages or components. 
OSP Juno on rhel 6.5
RHCS 1.2.3

Comment 2 Ken Dreyer (Red Hat) 2015-10-21 21:42:36 UTC
*** Bug 1274082 has been marked as a duplicate of this bug. ***

Comment 12 Ken Dreyer (Red Hat) 2016-05-10 20:35:10 UTC
*** Bug 1259258 has been marked as a duplicate of this bug. ***

Comment 30 shilpa 2016-08-02 09:01:37 UTC
Feature has been verified and the doc text looks fine.

Comment 32 errata-xmlrpc 2016-08-23 19:27:58 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Comment 33 Ken Dreyer (Red Hat) 2016-09-26 20:57:02 UTC
*** Bug 1335963 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.