de15ee7947
Previously, when a password change occured in ironic,
the session would not be invalidated, and this, in theory,
could lead to all sorts of issues with the old password
still being re-used for authentication.
In a large environment where credentials for BMCs may not
be centralized, this can quickly lead to repeated account
lockout experiences for the BMC service account.
Anyhow, now we consider it in tracking the sessions, so
when the saved password is changed, a new session is
established, and the old session is eventually expired out
of the cache.
Change-Id: I49e1907b89a9096aa043424b205e7bd390ed1a2f
(cherry picked from commit c2ba869040)
8 lines
299 B
YAML
8 lines
299 B
YAML
---
|
|
fixes:
|
|
- |
|
|
Fixes an issue where the Redfish session cache would continue using an
|
|
old session when a password for a Redfish BMC was changed. Now the old
|
|
session will not be found in this case, and a new session will be created
|
|
with the latest credential information available.
|