[Rdo-list] [Heat ]unauthorized to use heat

Adam Young ayoung at redhat.com
Fri Jul 10 04:15:32 UTC 2015 

On 07/09/2015 03:33 AM, pauline phaure wrote:
> Hey there, can anyone please help me.

In order to use any service, you need a scoped token.  I suspect taht 
the Heat API is limited to Admin users, and maybe you are using the demo 
user token?

http://git.openstack.org/cgit/openstack/heat/tree/etc/heat/policy.json

You don't say What API you are trying to call.  Most of the Heat APIs 
look like they are:

|"deny_stack_user": "not role:heat_stack_user",|


But a few are |"role:admin",|


|"stacks:global_index": is deny everybody|



>
> when I try to use heat I have this error pumping out:
>
> ERROR: Authentication required
>
> when I check the heat-api.log I found the errors below
>
> By the way I'm using the kilo version of packstack
>
> Thank you in advance for your response
>
> 2015-07-08 17:48:43.485 9954 INFO eventlet.wsgi.server [-] (9954) 
> accepted ('192.168.5.34', 47989)
> 2015-07-08 17:48:43.486 9954 DEBUG 
> heat.api.middleware.version_negotiation [-] Processing request: POST 
> /v1/b6b814fb67b74c0c94ef7a008a953a3a/stacks Accept: application/json 
> process_request 
> /usr/lib/python2.7/site-packages/heat/api/middleware/version_negotiation.py:50
> 2015-07-08 17:48:43.487 9954 DEBUG 
> heat.api.middleware.version_negotiation [-] Matched versioned URI. 
> Version: 1.0 process_request 
> /usr/lib/python2.7/site-packages/heat/api/middleware/version_negotiation.py:65
> 2015-07-08 17:48:43.487 9954 DEBUG keystoneclient.auth.identity.v2 [-] 
> Making authentication request to http://192.168.5.34:35357/v2.0/tokens 
> get_auth_ref 
> /usr/lib/python2.7/site-packages/keystoneclient/auth/identity/v2.py:76
> 2015-07-08 17:48:43.551 9954 DEBUG keystoneclient.session [-] Request 
> returned failure status: 401 request 
> /usr/lib/python2.7/site-packages/keystoneclient/session.py:396
> 2015-07-08 17:48:43.552 9954 WARNING keystonemiddleware.auth_token [-] 
> Identity response: {"error": {"message": "The request you have made 
> requires authentication.", "code": 401, "title": "Unauthorized"}}
> 2015-07-08 17:48:43.552 9954 DEBUG keystoneclient.auth.identity.v2 [-] 
> Making authentication request to http://192.168.5.34:35357/v2.0/tokens 
> get_auth_ref 
> /usr/lib/python2.7/site-packages/keystoneclient/auth/identity/v2.py:76
> 2015-07-08 17:48:43.616 9954 DEBUG keystoneclient.session [-] Request 
> returned failure status: 401 request 
> /usr/lib/python2.7/site-packages/keystoneclient/session.py:396
> 2015-07-08 17:48:43.617 9954 WARNING keystonemiddleware.auth_token [-] 
> Identity response: {"error": {"message": "The request you have made 
> requires authentication.", "code": 401, "title": "Unauthorized"}}
> 2015-07-08 17:48:43.617 9954 WARNING keystonemiddleware.auth_token [-] 
> Authorization failed for token
> 2015-07-08 17:48:43.618 9954 INFO eventlet.wsgi.server [-] 
> 192.168.5.34 - - [08/Jul/2015 17:48:43] "POST 
> /v1/b6b814fb67b74c0c94ef7a008a953a3a/stacks HTTP/1.1" 401 290 0.131893
> 2015-07-08 17:48:43.724 9954 DEBUG 
> heat.api.middleware.version_negotiation [-] Processing request: POST 
> /v1/b6b814fb67b74c0c94ef7a008a953a3a/stacks Accept: application/json 
> process_request 
> /usr/lib/python2.7/site-packages/heat/api/middleware/version_negotiation.py:50
> 2015-07-08 17:48:43.724 9954 DEBUG 
> heat.api.middleware.version_negotiation [-] Matched versioned URI. 
> Version: 1.0 process_request 
> /usr/lib/python2.7/site-packages/heat/api/middleware/version_negotiation.py:65
> 2015-07-08 17:48:43.724 9954 DEBUG keystoneclient.auth.identity.v2 [-] 
> Making authentication request to http://192.168.5.34:35357/v2.0/tokens 
> get_auth_ref 
> /usr/lib/python2.7/site-packages/keystoneclient/auth/identity/v2.py:76
> 2015-07-08 17:48:43.792 9954 DEBUG keystoneclient.session [-] Request 
> returned failure status: 401 request 
> /usr/lib/python2.7/site-packages/keystoneclient/session.py:396
> 2015-07-08 17:48:43.793 9954 WARNING keystonemiddleware.auth_token [-] 
> Identity response: {"error": {"message": "The request you have made 
> requires authentication.", "code": 401, "title": "Unauthorized"}}
> 2015-07-08 17:48:43.793 9954 DEBUG keystoneclient.auth.identity.v2 [-] 
> Making authentication request to http://192.168.5.34:35357/v2.0/tokens 
> get_auth_ref 
> /usr/lib/python2.7/site-packages/keystoneclient/auth/identity/v2.py:76
> 2015-07-08 17:48:43.859 9954 DEBUG keystoneclient.session [-] Request 
> returned failure status: 401 request 
> /usr/lib/python2.7/site-packages/keystoneclient/session.py:396
> 2015-07-08 17:48:43.859 9954 WARNING keystonemiddleware.auth_token [-] 
> Identity response: {"error": {"message": "The request you have made 
> requires authentication.", "code": 401, "title": "Unauthorized"}}
> 2015-07-08 17:48:43.860 9954 WARNING keystonemiddleware.auth_token [-] 
> Authorization failed for token
> 2015-07-08 17:48:43.861 9954 INFO eventlet.wsgi.server [-] 
> 192.168.5.34 - - [08/Jul/2015 17:48:43] "POST 
> /v1/b6b814fb67b74c0c94ef7a008a953a3a/stacks HTTP/1.1" 401 290 0.138049
>
>
>
>
> _______________________________________________
> Rdo-list mailing list
> Rdo-list at redhat.com
> https://www.redhat.com/mailman/listinfo/rdo-list
>
> To unsubscribe: rdo-list-unsubscribe at redhat.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rdoproject.org/pipermail/dev/attachments/20150710/fea6e48e/attachment.html>

More information about the dev mailing list