[openstack-dev] [keystone] Help consuming trusts
shardy at redhat.com
Sat Aug 17 12:18:30 UTC 2013
On Fri, Aug 16, 2013 at 11:42:52AM -0400, Steve Martinelli wrote:
> Hi Steven,
> You can look at the unit tests being run.
> It looks like you need to provide the trustee uname/password and the trust
> id. Keep digging into 'build_authentication_request" to see how it's
> structured, then it's just a call to /auth/tokens.
Thanks for the pointers, I've looked at the tests, and it seems like most
of them are error path tests, I'm not sure which one demonstrates a
successful response from the v3 /auth/tokens with a trust ID specified in
the scope section of the request?
I've raised two bugs related to this issue:
The latter was discussed on IRC yesterday and I've tested the fix and the
500 error is fixed, but now I get the same 401 response for both token and
username/password requests. If I don't specify a trust ID in the request,
I get a token back without any problem.
It may be that there is an issue with my keystoneclient patch:
However, despite looking carefully at the requests generated, I can't spot
any problem, the requests appear to match the required format in the API
There are reproducers on each of the bugs above, showing the failure in
both token and password methods, if anyone has time to take a look and help
me figure out the next step, that would be much appreciated as atm I'm a
More information about the OpenStack-dev