This is by design, to avoid unnecessarily leaking security-related
details.
However, if debug is enabled, then error message should be specific
about what caused the 401 -- but it should still be a 401.
** Changed in: keystone
Status: In Progress => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1238547
Title:
differentiate between missing and non-enabled users
Status in OpenStack Identity (Keystone):
Won't Fix
Bug description:
The current implementation returns HTTP error code 401 (Unauthorized)
even when the user exists and the password is correct, but the actual
user is disabled.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1238547/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
