[Openstack-security] [Bug 1185905] Re: User tokens logged by keystoneclient.middleware.auth_token
Jeremy Stanley
fungi at yuggoth.org
Thu May 30 19:05:34 UTC 2013
*** This bug is a duplicate of bug 1004114 ***
https://bugs.launchpad.net/bugs/1004114
I think this is one of the facets of the debug-level credential logging
which is being solved several ways in different places? Marking as a
duplicate of bug 1004114 but readjust if this is separate.
** Information type changed from Private Security to Public
** Tags added: security
** This bug has been marked a duplicate of bug 1004114
Password logging
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1185905
Title:
User tokens logged by keystoneclient.middleware.auth_token
Status in OpenStack Identity (Keystone):
Triaged
Bug description:
At level DEBUG, keystoneclient.middleware.auth_token will log user
tokens, both when storing to and retrieving from memcache.
I would expect that credentials are not logged at any level.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1185905/+subscriptions
More information about the Openstack-security
mailing list