Do not log keystone token
Previously token values are logged as DEBUG level when a new client object is instantiated. In other project and clients, token values are now not logged and is output as *REDACTED* instead. In Horizon these log lines do not have much meaning and we can simply remove them. Change-Id: I67617ac6424907574d79ec2a57b513a548e220d2 Closes-Bug: #1380642
This commit is contained in:
parent
0245407f44
commit
47f1d49690
@ -278,8 +278,6 @@ def ceilometerclient(request):
|
|||||||
endpoint = base.url_for(request, 'metering')
|
endpoint = base.url_for(request, 'metering')
|
||||||
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
||||||
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
||||||
LOG.debug('ceilometerclient connection created using token "%s" '
|
|
||||||
'and endpoint "%s"' % (request.user.token.id, endpoint))
|
|
||||||
return ceilometer_client.Client('2', endpoint,
|
return ceilometer_client.Client('2', endpoint,
|
||||||
token=(lambda: request.user.token.id),
|
token=(lambda: request.user.token.id),
|
||||||
insecure=insecure,
|
insecure=insecure,
|
||||||
|
@ -160,8 +160,6 @@ def cinderclient(request):
|
|||||||
except exceptions.ServiceCatalogException:
|
except exceptions.ServiceCatalogException:
|
||||||
LOG.debug('no volume service configured.')
|
LOG.debug('no volume service configured.')
|
||||||
raise
|
raise
|
||||||
LOG.debug('cinderclient connection created using token "%s" and url "%s"' %
|
|
||||||
(request.user.token.id, cinder_url))
|
|
||||||
c = api_version['client'].Client(request.user.username,
|
c = api_version['client'].Client(request.user.username,
|
||||||
request.user.token.id,
|
request.user.token.id,
|
||||||
project_id=request.user.tenant_id,
|
project_id=request.user.tenant_id,
|
||||||
|
@ -41,8 +41,6 @@ def glanceclient(request, version='1'):
|
|||||||
url = base.url_for(request, 'image')
|
url = base.url_for(request, 'image')
|
||||||
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
||||||
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
||||||
LOG.debug('glanceclient connection created using token "%s" and url "%s"'
|
|
||||||
% (request.user.token.id, url))
|
|
||||||
return glance_client.Client(version, url, token=request.user.token.id,
|
return glance_client.Client(version, url, token=request.user.token.id,
|
||||||
insecure=insecure, cacert=cacert)
|
insecure=insecure, cacert=cacert)
|
||||||
|
|
||||||
|
@ -36,8 +36,6 @@ def heatclient(request, password=None):
|
|||||||
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
||||||
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
||||||
endpoint = base.url_for(request, 'orchestration')
|
endpoint = base.url_for(request, 'orchestration')
|
||||||
LOG.debug('heatclient connection created using token "%s" and url "%s"' %
|
|
||||||
(request.user.token.id, endpoint))
|
|
||||||
kwargs = {
|
kwargs = {
|
||||||
'token': request.user.token.id,
|
'token': request.user.token.id,
|
||||||
'insecure': insecure,
|
'insecure': insecure,
|
||||||
|
@ -160,7 +160,6 @@ def keystoneclient(request, admin=False):
|
|||||||
if (hasattr(request, cache_attr) and
|
if (hasattr(request, cache_attr) and
|
||||||
(not user.token.id or
|
(not user.token.id or
|
||||||
getattr(request, cache_attr).auth_token == user.token.id)):
|
getattr(request, cache_attr).auth_token == user.token.id)):
|
||||||
LOG.debug("Using cached client for token: %s" % user.token.id)
|
|
||||||
conn = getattr(request, cache_attr)
|
conn = getattr(request, cache_attr)
|
||||||
else:
|
else:
|
||||||
endpoint = _get_endpoint_url(request, endpoint_type)
|
endpoint = _get_endpoint_url(request, endpoint_type)
|
||||||
|
@ -493,10 +493,6 @@ def get_ipver_str(ip_version):
|
|||||||
def neutronclient(request):
|
def neutronclient(request):
|
||||||
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
||||||
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
||||||
LOG.debug('neutronclient connection created using token "%s" and url "%s"'
|
|
||||||
% (request.user.token.id, base.url_for(request, 'network')))
|
|
||||||
LOG.debug('user_id=%(user)s, tenant_id=%(tenant)s' %
|
|
||||||
{'user': request.user.id, 'tenant': request.user.tenant_id})
|
|
||||||
c = neutron_client.Client(token=request.user.token.id,
|
c = neutron_client.Client(token=request.user.token.id,
|
||||||
auth_url=base.url_for(request, 'identity'),
|
auth_url=base.url_for(request, 'identity'),
|
||||||
endpoint_url=base.url_for(request, 'network'),
|
endpoint_url=base.url_for(request, 'network'),
|
||||||
|
@ -419,8 +419,6 @@ class FloatingIpManager(network_base.FloatingIpManager):
|
|||||||
def novaclient(request):
|
def novaclient(request):
|
||||||
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
||||||
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
||||||
LOG.debug('novaclient connection created using token "%s" and url "%s"' %
|
|
||||||
(request.user.token.id, base.url_for(request, 'compute')))
|
|
||||||
c = nova_client.Client(request.user.username,
|
c = nova_client.Client(request.user.username,
|
||||||
request.user.token.id,
|
request.user.token.id,
|
||||||
project_id=request.user.tenant_id,
|
project_id=request.user.tenant_id,
|
||||||
|
@ -110,8 +110,6 @@ def swift_api(request):
|
|||||||
endpoint = base.url_for(request, 'object-store')
|
endpoint = base.url_for(request, 'object-store')
|
||||||
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
||||||
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
||||||
LOG.debug('Swift connection created using token "%s" and url "%s"'
|
|
||||||
% (request.user.token.id, endpoint))
|
|
||||||
return swiftclient.client.Connection(None,
|
return swiftclient.client.Connection(None,
|
||||||
request.user.username,
|
request.user.username,
|
||||||
None,
|
None,
|
||||||
|
@ -30,8 +30,6 @@ def troveclient(request):
|
|||||||
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
|
||||||
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
|
||||||
trove_url = base.url_for(request, 'database')
|
trove_url = base.url_for(request, 'database')
|
||||||
LOG.debug('troveclient connection created using token "%s" and url "%s"' %
|
|
||||||
(request.user.token.id, trove_url))
|
|
||||||
c = client.Client(request.user.username,
|
c = client.Client(request.user.username,
|
||||||
request.user.token.id,
|
request.user.token.id,
|
||||||
project_id=request.user.project_id,
|
project_id=request.user.project_id,
|
||||||
|
Loading…
Reference in New Issue
Block a user