2346829 – STS Federated Users Shadow User UID is missing "oidc$"

Bug 2346829 - STS Federated Users Shadow User UID is missing "oidc$"

Summary: STS Federated Users Shadow User UID is missing "oidc$"

Keywords:
Status:	VERIFIED
Alias:	None
Product:	Red Hat Ceph Storage
Classification:	Red Hat Storage
Component:	RGW
Sub Component:
Version:	8.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	8.1
Assignee:	Matt Benjamin (redhat)
QA Contact:	Hemanth Sai
Docs Contact:
URL:
Whiteboard:
Depends On:	2346828
Blocks:
TreeView+	depends on / blocked

Reported:	2025-02-20 15:33 UTC by Pritha Srivastava
Modified:	2025-04-07 04:47 UTC (History)
CC List:	6 users (show)
Fixed In Version:	ceph-19.2.1-3.el9cp
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	2346828
Environment:
Last Closed:
Embargoed:
Dependent Products:
Flags:	mkasturi: needinfo+

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHCEPH-10656	0	None	None	None	2025-02-20 15:33:54 UTC

Description Pritha Srivastava 2025-02-20 15:33:09 UTC

+++ This bug was initially created as a clone of Bug #2346828 +++

Description of problem: STS federated users created as a result of AssumeRoleWithWebIdentity are not created in oidc namespace


Version-Release number of selected component (if applicable): 8.0


How reproducible: Always


Steps to Reproduce:
1.Create OIDC Provider in global tenant
2.Create Role in global tenant
3.Call AssumeRoleWithWebIdentity

Actual results:
A user based on 'sub' claim is created but not in 'oidc' namespace

Expected results:
A user based on 'sub' claim should be created in 'oidc' namespace

Additional info:

--- Additional comment from Storage PM bot on 2025-02-20 15:24:04 UTC ---

Please specify the severity of this bug. Severity is defined here:
https://bugzilla.redhat.com/page.cgi?id=fields.html#bug_severity.

Note You need to log in before you can comment on or make changes to this bug.