From f0a11485894f56aba337f65af5f92bede12ef17f Mon Sep 17 00:00:00 2001
From: Mark Washenberger <mark.washenberger@rackspace.com>
Date: Fri, 3 Feb 2012 17:31:35 -0500
Subject: X_USER is deprecated in favor of X_USER_ID

Addressed bug 926372

Eventually, we should stop supporting X_USER because it is *supposed* to
be the user's login name rather than their id. But this change preserves
the old behavior for stability.

For more info checkout keystone/middleware/auth_token.py in the keystone
project.

Change-Id: Ie837e73f9a592a903af71a426e202f8b6a9ac581
---
 nova/api/auth.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'nova/api')

diff --git a/nova/api/auth.py b/nova/api/auth.py
index cb601bdb3..316a8f72f 100644
--- a/nova/api/auth.py
+++ b/nova/api/auth.py
@@ -56,10 +56,10 @@ class NovaKeystoneContext(wsgi.Middleware):
 
     @webob.dec.wsgify(RequestClass=wsgi.Request)
     def __call__(self, req):
-        try:
-            user_id = req.headers['X_USER']
-        except KeyError:
-            logging.debug("X_USER not found in request")
+        user_id = req.headers.get('X_USER')
+        user_id = req.headers.get('X_USER_ID', user_id)
+        if user_id is None:
+            logging.debug("Neither X_USER_ID nor X_USER found in request")
             return webob.exc.HTTPUnauthorized()
         # get the roles
         roles = [r.strip() for r in req.headers.get('X_ROLE', '').split(',')]
-- 
cgit