[Openstack-security] [Bug 1430951] Re: Revocation causes duplicate (and overly broad?) events in revocation table
OpenStack Infra
1430951 at bugs.launchpad.net
Wed Apr 15 00:48:48 UTC 2015
Reviewed: https://review.openstack.org/171305
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=888488cc2e205971636a83ad39059ed2cf8a9c65
Submitter: Jenkins
Branch: master
commit 888488cc2e205971636a83ad39059ed2cf8a9c65
Author: Alexander Makarov <amakarov at mirantis.com>
Date: Tue Apr 7 20:25:03 2015 +0300
Redundant events on group grant revocation
Revoke a project scoped token
You see 3 entries in revocation_event table
1) (id, user_id, project_id, role_id, issued_before)
2) (id, user_id,, issued_before)
3) (id, user_id,, issued_before)
2 & 3 are redundant. Definitely 3) is redundant as it is same as 2)
Both 2 & 3 are the result of handling notification fired by
_emit_invalidate_token_persistence.
Change-Id: I7199bcb9f9425004985e9db0833ce1f8a0ff5ac6
Closes-Bug: 1430951
** Changed in: keystone
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1430951
Title:
Revocation causes duplicate (and overly broad?) events in revocation
table
Status in OpenStack Identity (Keystone):
Fix Committed
Bug description:
Revoke a project scoped token
You see 3 entries in revocation_event table
1) (id, user_id, project_id, role_id, issued_before)
2) (id, user_id,, issued_before)
3) (id, user_id,, issued_before)
2 & 3 are redundant. Definitely 3) is redundant as it is same as 2)
BTW, this from master branch as of 3/11/2015
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1430951/+subscriptions
More information about the Openstack-security
mailing list