[openstack-dev] [Barbican] Enabling GET of secrets to work irrespective of Tenant name in login

Vijay Venkatachalam Vijay.Venkatachalam at citrix.com
Tue Nov 10 08:41:42 UTC 2015


Hi,

Can we enable GET of secrets to work irrespective of Tenant name in the login?

Consider there is an "admin" with "admin" role in "demo" tenant. I tried to query the "demo" tenant's secret using  a login token which was generated from "admin" user  & "admin" tenant. And I am getting a Forbidden error. Could we make this scenario work?

UseCase:
======== 
LBaaS extension has admin credentials and generates a token and uses it to contact services like nova, barbican etc. It is currently using  the same token to get the tenant's secret/certificates with the href and it is not working.

Thanks,
Vijay V.



More information about the OpenStack-dev mailing list