OpenStack Identity (keystone)

Fix null password value on hash_user_password

Bug #1256491 reported by huangtianhua
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
In Progress
Medium
huangtianhua

Bug Description

My operation as bellows:

1. Run command "keystone help user-create", we can see the --pass parameter is optional

2. So i create a user without --pass

3. The error msg raised:
    "Expecting to find string in password. The server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error. (HTTP 400)"

4. Find that the keystoneclient post the request to server, the "password" is null:
     REQ BODY: {"user": {"email": null, "password": null, "enabled": true, "name": "hthtest", "tenantId": null}}

5. The server check the length of the password when hash it. So the TypeError be catched, and the server raised the exception.

6. So i think it's no need to hash the password if it's a null value.

huangtianhua (huangtianhua)
Changed in keystone:
assignee: nobody → huangtianhua (huangtianhua)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to keystone (master)

Fix proposed to branch: master
Review: https://review.openstack.org/59260

Changed in keystone:
status: New → In Progress
Revision history for this message
Steve Martinelli (stevemar) wrote :

Looks like there is also a bug in here against keystone client, it should allow password to be optional. (If it actually is an optional parameter)

Dolph Mathews (dolph)
Changed in keystone:
importance: Undecided → Medium
Revision history for this message
Dolph Mathews (dolph) wrote :

My apologies for not catching this as a duplicate sooner!

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.