| *** gyee has quit IRC | 00:21 | |
| *** spatel has joined #openstack-keystone | 00:36 | |
| *** mugsie has quit IRC | 01:00 | |
| *** mugsie has joined #openstack-keystone | 01:04 | |
| *** raildo has quit IRC | 01:06 | |
| *** dave-mccowan has quit IRC | 01:20 | |
| cmurphy | bbezak: i'm not sure what's wrong but it might actually be a problem with the catalog, as it says? when i try to reproduce (federated user with an app cred running osc server list) the catalog appears in the debug output | 01:27 |
|---|---|---|
| cmurphy | if you're able to access it as a regular user i would try that and see if it's working properly that way | 01:28 |
| *** brinzhang_ has joined #openstack-keystone | 02:25 | |
| brinzhang_ | hi, who can send the wallaby PTG plan? thanks | 02:25 |
| *** rcernin has quit IRC | 02:38 | |
| *** ayoung has quit IRC | 03:03 | |
| *** rcernin has joined #openstack-keystone | 03:06 | |
| *** spatel has quit IRC | 03:15 | |
| *** rcernin has quit IRC | 03:26 | |
| *** rcernin has joined #openstack-keystone | 03:47 | |
| *** rcernin has quit IRC | 03:47 | |
| *** rcernin has joined #openstack-keystone | 03:47 | |
| *** vishalmanchanda has joined #openstack-keystone | 05:28 | |
| *** evrardjp has quit IRC | 05:33 | |
| *** evrardjp has joined #openstack-keystone | 05:33 | |
| openstackgerrit | Keigo Noha proposed openstack/keystone master: Support bytes type in generate_public_ID() https://review.opendev.org/759812 | 06:17 |
| *** abdysn has joined #openstack-keystone | 06:51 | |
| *** bengates has joined #openstack-keystone | 07:56 | |
| *** bengates has quit IRC | 07:56 | |
| *** bengates has joined #openstack-keystone | 07:56 | |
| openstackgerrit | Keigo Noha proposed openstack/keystone master: Support bytes type in generate_public_ID() https://review.opendev.org/759812 | 08:04 |
| bbezak | cmurphy: non-federated users' app credentials works fine. both in default domain and federated users' one. Will try to debug this mode, thx | 08:13 |
| *** rcernin has quit IRC | 08:23 | |
| *** spatel has joined #openstack-keystone | 10:05 | |
| *** spatel has quit IRC | 10:10 | |
| *** takamatsu is now known as mauro|call | 10:37 | |
| *** mauro|call is now known as takamatsu | 10:37 | |
| *** gshippey has joined #openstack-keystone | 10:55 | |
| *** abdysn has quit IRC | 12:21 | |
| *** raildo has joined #openstack-keystone | 12:23 | |
| *** wey_gu has joined #openstack-keystone | 12:28 | |
| *** Luzi has joined #openstack-keystone | 12:55 | |
| *** wey_gu has quit IRC | 12:59 | |
| *** dave-mccowan has joined #openstack-keystone | 13:07 | |
| *** Luzi has quit IRC | 13:31 | |
| *** brinzhang_ has quit IRC | 13:37 | |
| *** sapd1 has quit IRC | 13:44 | |
| *** sapd1 has joined #openstack-keystone | 13:44 | |
| *** dave-mccowan has quit IRC | 13:46 | |
| *** dave-mccowan has joined #openstack-keystone | 13:49 | |
| *** oklhost has joined #openstack-keystone | 14:11 | |
| bbezak | cmurphy: I've found several things during investigation issues of mine with application credentials for federated users: | 14:41 |
| bbezak | - https://bugs.launchpad.net/keystone/+bug/1832092 still affects keystone 17.0, even after fixes from https://bugs.launchpad.net/keystone/+bug/1809116 - I am not able to create application credential via horizon when group membership coming from federation only | 14:41 |
| openstack | Launchpad bug 1809116 in OpenStack Identity (keystone) "duplicate for #1832092 [rfe] Expiring User Group Memberships" [High,Fix released] - Assigned to Kristi Nikolla (knikolla) | 14:41 |
| bbezak | - I was able to find correct IDP mapping to create working application credential - mapping to existing project, instead of group - http://paste.openstack.org/raw/LxCnfTQ7Uuqk6bPQz80l/ | 14:41 |
| bbezak | - Application credential that was not working has "None" Project ID field. | 14:41 |
| bbezak | - For group mapping, I tested also "default_authorization_ttl" configuration value. However with that enabled - application credenitals where also made with "None" Project ID field - giving "The service catalog is empty" as before | 14:41 |
| openstack | Launchpad bug 1809116 in OpenStack Identity (keystone) "[rfe] Expiring User Group Memberships" [High,Fix released] - Assigned to Kristi Nikolla (knikolla) | 14:41 |
| *** Luzi has joined #openstack-keystone | 14:44 | |
| *** bengates_ has joined #openstack-keystone | 15:18 | |
| *** bengates has quit IRC | 15:19 | |
| *** gyee has joined #openstack-keystone | 15:34 | |
| *** Luzi has quit IRC | 16:50 | |
| *** bengates has joined #openstack-keystone | 16:56 | |
| *** bengates_ has quit IRC | 16:59 | |
| *** bengates has quit IRC | 17:01 | |
| *** ricolin has quit IRC | 17:10 | |
| cmurphy | bbezak: ah interesting, i was going to blame #1809116 but i thought that was fixed in ussuri | 17:11 |
| cmurphy | i feel like i saw the "None" project ID problem before but I don't see a bug report for it | 17:11 |
| cmurphy | wonder if knikolla knows more ^ | 17:12 |
| *** vishalmanchanda has quit IRC | 17:30 | |
| *** legochen has quit IRC | 19:20 | |
| *** melwitt has joined #openstack-keystone | 20:07 | |
| openstackgerrit | Gage Hugo proposed openstack/keystone master: Hide AccountLocked exception from end users https://review.opendev.org/759940 | 20:24 |
| bbezak | cmurphy: I guess mr Knikolla will be around during PTG :). I can raise a bug as well though | 20:41 |
| *** gouthamr has quit IRC | 20:58 | |
| *** gouthamr has joined #openstack-keystone | 20:59 | |
| *** gouthamr has quit IRC | 20:59 | |
| *** gouthamr has joined #openstack-keystone | 20:59 | |
| *** raildo has quit IRC | 21:05 | |
| *** rcernin has joined #openstack-keystone | 23:02 | |
| *** gshippey has quit IRC | 23:32 | |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!