[Openstack-security] [Bug 1442787] Re: Mapping openstack_user attribute in k2k assertions with different domains
Thierry Carrez
thierry.carrez+lp at gmail.com
Thu Oct 15 09:56:36 UTC 2015
** Changed in: keystone
Milestone: liberty-1 => 8.0.0
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1442787
Title:
Mapping openstack_user attribute in k2k assertions with different
domains
Status in Keystone:
Fix Released
Status in Keystone kilo series:
Fix Released
Bug description:
We can have two users with the same username in different domains. So
if we have a "User A" in "Domain X" and a "User A" in "Domain Y",
there is no way to differ what "User A" is being used in a SAML
assertion generated by this IdP (we have only the openstack_user
attribute in the SAML assertion).
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1442787/+subscriptions
More information about the Openstack-security
mailing list