[Openstack-security] [Bug 1442787] Re: Mapping openstack_user attribute in k2k assertions with different domains
Chuck Short
chuck.short at canonical.com
Sun Oct 11 14:22:38 UTC 2015
** Also affects: keystone/kilo
Importance: Undecided
Status: New
** Changed in: keystone/kilo
Status: New => Fix Committed
** Changed in: keystone/kilo
Milestone: None => 2015.1.2
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1442787
Title:
Mapping openstack_user attribute in k2k assertions with different
domains
Status in Keystone:
Fix Released
Status in Keystone kilo series:
Fix Committed
Bug description:
We can have two users with the same username in different domains. So
if we have a "User A" in "Domain X" and a "User A" in "Domain Y",
there is no way to differ what "User A" is being used in a SAML
assertion generated by this IdP (we have only the openstack_user
attribute in the SAML assertion).
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1442787/+subscriptions
More information about the Openstack-security
mailing list