[Openstack] [keystone]user role revoke from one tenants disables user's token got using another tenant
Akilesh K
akilesh1597 at gmail.com
Tue Dec 8 09:22:04 UTC 2015
Hi,
There is a use case where keystone seems to behave improperly. Not sure if
it is a bug, please do comment.
A user has 'admin' role for two tenants. When I remove 'admin' role
association from one tenant for the user, the user's token got earlier for
other tenant becomes invalid.
However if I get a new token using the second tenant it works.
In more detail
user 'test' has 'admin' role in tenant 't1' and 't2'.
revoke 'admin' role for user 'test' for tenant 't1'
The user's token for 't2' become invalid.
Is this valid behavior.
Thank you,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151208/12dacd08/attachment.html>
More information about the Openstack
mailing list