[Openstack] Adding User to Roles invalidates current token?

Joe Topjian joe.topjian at cybera.ca
Wed Aug 28 18:14:59 UTC 2013


I'm running through some Folsom to Grizzly upgrade tests and have noticed
an odd issue with Keystone and Horizon:

If I'm logged into Horizon as the admin user and then (on the command line)
add a role to the admin user to a tenant, my Horizon session is now invalid
and I have to logout and log back in.

Logs are showing this error:

Unauthorized: Unable to communicate with identity service: {"error":
{"message": "Could not find token: 80429dc1ca214b39ad3ef17a71ac5915",
"code": 401, "title": "Not Authorized"}}. (HTTP 401)

If I use MySQL as the token store, I can see that the token in question has
indeed become invalid.

I'm not sure if something broke or is misconfigured from the upgrade or if
this is a new characteristic of Keystone?

Any ideas?


Joe Topjian
Systems Architect
Cybera Inc.


Cybera is a not-for-profit organization that works to spur and support
innovation, for the economic benefit of Alberta, through the use
of cyberinfrastructure.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130828/2cc3fd83/attachment.html>

More information about the Openstack mailing list