2024-07-15 20:09:15 |
Franciszek Przewoźny |
description |
Hey,
As a disclaimer: most of the configuration is default, parameters related to endpoints are default.
With following option set in Keystone:
[security_compliance]
change_password_upon_first_use = True
Horizon redirects correctly to "Change password" screen, but it doesn't work.
From logs, it seems like the POST query is executed against http://192.168.4.100:5000/users/a5e3b6a416234807a870897e88a3c365/password
2024-07-15 21:45:10.166568 DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): 192.168.4.100:5000
2024-07-15 21:45:10.178351 DEBUG:urllib3.connectionpool:http://192.168.4.100:5000 "POST /users/a5e3b6a416234807a870897e88a3c365/password HTTP/1.1" 404 207
2024-07-15 21:45:10.178875 DEBUG:keystoneauth.session:Request returned failure status: 404
2024-07-15 21:45:10.179095 Unable to update password due to exception: Not Found (HTTP 404) (Request-ID: req-de6cf206-d160-41e3-81d2-14fde17d301a)
Manually checked endpoint with GET query, and it wasn't found:
# curl http://192.168.4.100:5000/users/a5e3b6a416234807a870897e88a3c365/password
<!doctype html>
<html lang=en>
<title>404 Not Found</title>
<h1>Not Found</h1>
<p>The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again.</p>
But /v3 endpoint exist:
# curl http://192.168.4.100:5000/v3/users/a5e3b6a416234807a870897e88a3c365/password
{"message": "The method is not allowed for the requested URL."}
So password change POST query should be executed against /v3 API.
With Horizon configuration overwritten, it works just fine:
OPENSTACK_KEYSTONE_URL = "http://HERE_IP:5000/v3"
I'm not sure here if Horizon should be reconfigured, or Keystone API endpoint should include /v3 in path.
Thank you,
Franciszek |
Hey,
As a disclaimer: most of the configuration is default, parameters related to endpoints are default.
With following option set in Keystone:
[security_compliance]
change_password_upon_first_use = True
Horizon redirects correctly to "Change password" screen, but it doesn't work.
From logs, it seems like the POST query is executed against http://HERE_IP:5000/users/a5e3b6a416234807a870897e88a3c365/password
2024-07-15 21:45:10.166568 DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): HERE_IP:5000
2024-07-15 21:45:10.178351 DEBUG:urllib3.connectionpool:http://HERE_IP:5000 "POST /users/a5e3b6a416234807a870897e88a3c365/password HTTP/1.1" 404 207
2024-07-15 21:45:10.178875 DEBUG:keystoneauth.session:Request returned failure status: 404
2024-07-15 21:45:10.179095 Unable to update password due to exception: Not Found (HTTP 404) (Request-ID: req-de6cf206-d160-41e3-81d2-14fde17d301a)
Manually checked endpoint with GET query, and it wasn't found:
# curl http://HERE_IP:5000/users/a5e3b6a416234807a870897e88a3c365/password
<!doctype html>
<html lang=en>
<title>404 Not Found</title>
<h1>Not Found</h1>
<p>The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again.</p>
But /v3 endpoint exist:
# curl http://HERE_IP:5000/v3/users/a5e3b6a416234807a870897e88a3c365/password
{"message": "The method is not allowed for the requested URL."}
So password change POST query should be executed against /v3 API.
With Horizon configuration overwritten, it works just fine:
OPENSTACK_KEYSTONE_URL = "http://HERE_IP:5000/v3"
I'm not sure here if Horizon should be reconfigured, or Keystone API endpoint should include /v3 in path.
Thank you,
Franciszek |
|