[英]OpenStack Python Novaclient does not require authentication
I'm using OpenStack Diablo on RHEL6 with packages from GridDynamics. 我在RHEL6上使用GridDynamics的软件包中的OpenStack Diablo。
Everything seems to work with the EC2 api, but when using python-novaclient, the system just allow access to any api commands regardless of the authentication provided. 一切似乎都可以与EC2 api一起使用,但是使用python-novaclient时,无论提供的身份验证如何,系统都只允许访问任何api命令。
See https://github.com/masom/Puck/blob/master/server/plugins/virtualization/nova.py#L42 参见https://github.com/masom/Puck/blob/master/server/plugins/virtualization/nova.py#L42
I am not using Keystone for authentication (Waiting for essex to be released). 我没有使用Keystone进行身份验证(正在等待essex发布)。
Why is nova blindly allowing anyone to issue api commands regardless of the authentication data provided? 为什么nova盲目地允许任何人发出api命令,而不管所提供的身份验证数据如何?
Turns out /etc/nova/api-paste.ini
had noauth
and ec2noauth
原来
/etc/nova/api-paste.ini
没有noauth
和ec2noauth
Moving to the deprecated auth (not using keystone) by changing noauth
to auth
did it. 通过将
noauth
更改为auth
来移至已弃用的auth(不使用梯形失真)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.