Public bug reported: Accrounding to the doc (http://docs.openstack.org/developer/keystone/configure_federation.html), I parse openid login in my devstack. and i have success login with google account. but there is a program, how can i distinguish users? I know all the federation users are in one group, and the group is relate with a project. In my devstack, all of users login through openid have the same project , and have the same resource, when i create a resource and orther user login through openid can also see the resource I don't know whether somewhere i parsed is wrong, this is my mapping: { "local": [ { "user": { "name": "{3}", "realname": "{2}", "email": "{3}" }, "group": { "name": "demo", "domain": { "name": "Default" } } } ], "remote": [ { "type": "HTTP_OIDC_SUB" }, { "type": "HTTP_OIDC_ISS" }, { "type": "HTTP_OIDC_NAME" }, { "type": "HTTP_OIDC_EMAIL" } ] }
devstack address: www.scorpio.ml ** Affects: keystone Importance: Undecided Status: New ** Tags: federation ** Description changed: - Accrounding to the doc (http://docs.openstack.org/developer/keystone/configure_federation.html), I parse openid login in my devstack. and i have success login with google account. - but there is a program, how can i distinguish users? I know all the federation users are in one group, and the group is relate with a project. In my devstack, all of users login through openid have the same project , and have the same resource, when i create a resource and orther user login through openid can also see the resource - I don't know whether somewhere i parsed is wrong, this is my mapping(see the Attachment) + Accrounding to the doc (http://docs.openstack.org/developer/keystone/configure_federation.html), I parse openid login in my devstack. and i have success login with google account. + but there is a program, how can i distinguish users? I know all the federation users are in one group, and the group is relate with a project. In my devstack, all of users login through openid have the same project , and have the same resource, when i create a resource and orther user login through openid can also see the resource + I don't know whether somewhere i parsed is wrong, this is my mapping(see the Attachment) devstack address: www.scorpio.ml ** Description changed: Accrounding to the doc (http://docs.openstack.org/developer/keystone/configure_federation.html), I parse openid login in my devstack. and i have success login with google account. but there is a program, how can i distinguish users? I know all the federation users are in one group, and the group is relate with a project. In my devstack, all of users login through openid have the same project , and have the same resource, when i create a resource and orther user login through openid can also see the resource - I don't know whether somewhere i parsed is wrong, this is my mapping(see the Attachment) + I don't know whether somewhere i parsed is wrong, this is my mapping: + { + "local": [ + { + "user": { + "name": "{3}", + "realname": "{2}", + "email": "{3}" + }, + "group": { + "name": "demo", + "domain": { + "name": "Default" + } + } + } + ], + "remote": [ + { + "type": "HTTP_OIDC_SUB" + }, + { + "type": "HTTP_OIDC_ISS" + }, + { + "type": "HTTP_OIDC_NAME" + }, + { + "type": "HTTP_OIDC_EMAIL" + } + ] + } devstack address: www.scorpio.ml -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1547031 Title: Can't distinguish users through openid login Status in OpenStack Identity (keystone): New Bug description: Accrounding to the doc (http://docs.openstack.org/developer/keystone/configure_federation.html), I parse openid login in my devstack. and i have success login with google account. but there is a program, how can i distinguish users? I know all the federation users are in one group, and the group is relate with a project. In my devstack, all of users login through openid have the same project , and have the same resource, when i create a resource and orther user login through openid can also see the resource I don't know whether somewhere i parsed is wrong, this is my mapping: { "local": [ { "user": { "name": "{3}", "realname": "{2}", "email": "{3}" }, "group": { "name": "demo", "domain": { "name": "Default" } } } ], "remote": [ { "type": "HTTP_OIDC_SUB" }, { "type": "HTTP_OIDC_ISS" }, { "type": "HTTP_OIDC_NAME" }, { "type": "HTTP_OIDC_EMAIL" } ] } devstack address: www.scorpio.ml To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1547031/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp