Horizon requires /v3 suffix in OPENSTACK_KEYSTONE_URL for some options

Bug #2073639 reported by Franciszek Przewoźny
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OpenStack Dashboard (Horizon)
New
Undecided
Unassigned

Bug Description

Hey,

As a disclaimer: most of the configuration is default, parameters related to endpoints are default.

With following option set in Keystone:

[security_compliance]
change_password_upon_first_use = True

Horizon redirects correctly to "Change password" screen, but it doesn't work.

From logs, it seems like the POST query is executed against http://HERE_IP:5000/users/a5e3b6a416234807a870897e88a3c365/password

2024-07-15 21:45:10.166568 DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): HERE_IP:5000
2024-07-15 21:45:10.178351 DEBUG:urllib3.connectionpool:http://HERE_IP:5000 "POST /users/a5e3b6a416234807a870897e88a3c365/password HTTP/1.1" 404 207
2024-07-15 21:45:10.178875 DEBUG:keystoneauth.session:Request returned failure status: 404
2024-07-15 21:45:10.179095 Unable to update password due to exception: Not Found (HTTP 404) (Request-ID: req-de6cf206-d160-41e3-81d2-14fde17d301a)

Manually checked endpoint with GET query, and it wasn't found:
# curl http://HERE_IP:5000/users/a5e3b6a416234807a870897e88a3c365/password
<!doctype html>
<html lang=en>
<title>404 Not Found</title>
<h1>Not Found</h1>
<p>The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again.</p>

But /v3 endpoint exist:
# curl http://HERE_IP:5000/v3/users/a5e3b6a416234807a870897e88a3c365/password
{"message": "The method is not allowed for the requested URL."}

So password change POST query should be executed against /v3 API.

With Horizon configuration overwritten, it works just fine:
OPENSTACK_KEYSTONE_URL = "http://HERE_IP:5000/v3"

It looks like Horizon bug, that this feature does not work with such prefix set.

Thank you,
Franciszek

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.