Sanity bug fixes in cassandra cache and keystone authentication
Description: This commit has two fixes.
1) For calls made through api-lib, exclude_back_refs is true,
id_perms timestamp is used to cassandra cache has to be refresshed.
update_latest_col_ts doesn't update id_perms timestamp, when
symmetric refs are updated. Changed to call update_last_modified
does update id_perms timestamp as well as latest_col_ts.
2) keystone authentication when failed in neutron plugin code,
will return empty auth_hdrs. Because empty auth_hdrs are returned,
HTTP_X_ROLES were missing when the execution comes to RBAC.
When authentiation fails, auth headers are set to None, and this
will raise AuthFailed exception in plugin code, which client may
use to retry with a valid token.
Reviewed: https:/ /review. opencontrail. org/35598 github. com/Juniper/ contrail- controller/ commit/ 061e29144039203 fbddb526df962c7 dcc936baa2
Committed: http://
Submitter: Zuul (<email address hidden>)
Branch: master
commit 061e29144039203 fbddb526df962c7 dcc936baa2
Author: Suresh Venkata <email address hidden>
Date: Wed Sep 13 15:52:30 2017 -0700
Sanity bug fixes in cassandra cache and keystone authentication
Description: This commit has two fixes.
1) For calls made through api-lib, exclude_back_refs is true, latest_ col_ts doesn't update id_perms timestamp, when last_modified
id_perms timestamp is used to cassandra cache has to be refresshed.
update_
symmetric refs are updated. Changed to call update_
does update id_perms timestamp as well as latest_col_ts.
2) keystone authentication when failed in neutron plugin code,
will return empty auth_hdrs. Because empty auth_hdrs are returned,
HTTP_X_ROLES were missing when the execution comes to RBAC.
When authentiation fails, auth headers are set to None, and this
will raise AuthFailed exception in plugin code, which client may
use to retry with a valid token.
Change-Id: I46827370bba90b bad1b36843474f6 36e3cf72f77
Closes-Bug: #1716311
Closes-Bug: #1716573