ef48072d94
The current rule fails to load with oslo.policy, the correct value used to determine the admin project for the cloud_admin should simply be: `is_admin_project:True`, since that is what is stored in oslo.context. This problem was masking a more serious issue that domain admin tokens could be misinterpreted as cloud admin tokens. Change-Id: I3ea562c01e06e6c519fdaec3ab6e1dac204ced71 Closes-Bug: 1547684 Closes-Bug: 1651989 |
||
|---|---|---|
| .. | ||
| default_catalog.templates | ||
| keystone-paste.ini | ||
| keystone.conf.sample | ||
| logging.conf.sample | ||
| policy.json | ||
| policy.v3cloudsample.json | ||
| sso_callback_template.html | ||