Username and password fields are required even when SSO is used

Bug #1715336 reported by John Dilley
This bug affects 1 person
Affects Status Importance Assigned to Milestone

Bug Description

Using OpenID Connect for SSO, if I choose the SSO option for login, there is no Username or Password field. However (in at least Chrome and Firefox) the Javascript validates that they are filled in, which means you can't get to the SSO page.

This seems to be because in the HTML, there is the required tag in the <input> tags:

<input type="text" name="username" autofocus="autofocus" required class="form-control" id="id_username" />


<input type="password" name="password" required class="form-control" id="id_password" />

And all changing to SSO in the drop down does is to hide the form inputs. You can get past by changing to Keystone credentials, entering a dummy username and password, then switching to SSO, showing that the required fields are the cause.

This patch fixes it, but doesn't quite feel right for the non-SSO case:

diff --git a/openstack_auth/ b/openstack_auth/
index c7d0c51..90a9fd7 100644
--- a/openstack_auth/
+++ b/openstack_auth/
@@ -50,9 +50,11 @@ class Login(django_auth_forms.AuthenticationForm):
     region = forms.ChoiceField(label=_("Region"), required=False)
     username = forms.CharField(
         label=_("User Name"),
- widget=forms.TextInput(attrs={"autofocus": "autofocus"}))
+ widget=forms.TextInput(attrs={"autofocus": "autofocus"}),
+ required=False)
     password = forms.CharField(label=_("Password"),
- widget=forms.PasswordInput(render_value=False))
+ widget=forms.PasswordInput(render_value=False),
+ required=False)

     def __init__(self, *args, **kwargs):
         super(Login, self).__init__(*args, **kwargs)

Or am I just missing a config option somewhere?

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.