keystone authorization failure

asked 2013-06-14 04:59:33 -0500

star amethyst gravatar image

updated 2013-06-17 21:36:04 -0500

I had set up a keystone(version:openstack-keystone-2012.2-1.fc18.noarch) service in fedora 17.

And keystone user-list、tenant-list and role-list run normally.

I add a tenant:demo, a user:admin, a role:admin and use user_role_add to grant admin role to admin user in the demo tenant.

when I verifying the identity sevice installation according to (openstack_installation), a fault has occurred.

First, verify that authentication is behaving as expected by using user and password to generate an authentication token

$ keystone --os-username=admin --os-password=secrete --os-auth-url= token-get

I can get correct informations, including user_id , token_id and expires.

But when verify that authorization is behaving as expected by requesting authorization on a tenant, the problem is occurred.

$ keystone --os-username=admin --os-password=secrete --os-tenant-name=demo --os-auth-url= token-get

An error has happened:

Authorization Failed: An unexpected error prevented the server from fulfilling your request. %c requires int or char (HTTP 500)

Any sugguestion is welcome, tninks a lot!

edit retag flag offensive close merge delete

1 answer

Sort by » oldest newest most voted

answered 2013-06-17 22:26:45 -0500

Vysakh gravatar image

When you create the tenant demo. You might have used a different password or user name than the default tenant. You may go through the blow link on manual tenant/service creation. And make sure to use the same username and password when you used while creation. If you think you messed up in setting up mysql permissions and role/tenant creations. Drop the keystone table and recreate it and perform a db sync.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2013-06-14 04:59:33 -0500

Seen: 3,630 times

Last updated: Jun 17 '13