You have been subscribed to a public bug:
When a user logs into Horizon an unscoped token is created using which a
scoped token is obtained. I am logged into Horizon and remove myself
from a project which is not the current active project. This results in
all my scoped tokens getting invalidated. I have some API calls in the
middleware that require authorization which fail because the token is
invalid. Horizon will throw an Unauthorized error (see attachment) and
the only way to recover from this is to clear cookies, logout and log
back in again.
Horizon should immediately obtain a new scoped token if previous token
is invalidated. Alternatively, keystone should not invalidate all tokens
(for all projects) when user is removed from one project.
** Affects: horizon
Importance: Undecided
Status: New
--
Horizon doesn't create new scoped token when user role is removed
https://bugs.launchpad.net/bugs/1528967
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
