Description of problem:
If we have local rgw user and an LDAP user with the same name then RGW doesn't differentiate between them. so a bucket created by local user will be visible to ldap user. Not sure is this expected behaviour else it will be a security flaw.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.configure rgw , created a local user with name "user1" and create few buckets with keys
2.setup ldap and create an user with same name "user1"
3.from s3 api authenticate ldap user "user1" and try to list buckets
All the buckets of local rgw user "user1" will be listed even though we have userd ldap user's key
Pritha's fix has been pending upstream, looks like it can be merged by 4, not needed for 3.x.
I have closed this issue because it has been inactive for some time now. If you feel this still deserves attention feel free to reopen it.
Updating the QA Contact to a Hemant. Hemant will be rerouting them to the appropriate QE Associate.