X-Map-Roles
is missing, can’t be decoded, or is a malformed JSON object.
The Tenant Culling filter is used on resources that need further specific tenant id information. The filter looks at all the tenants that Keystone returns for a user to creates and populates a list of them based on the specific roles that were used to grant access to the resource.
Name: tenant-culling
Default Configuration: No configuration
Released: v8.7.0.0
Bundle: repose-filter-bundle
No Configuration Schema
X-Map-Roles
- A mapping between tenants and the roles on them.
The value of this header is a JSON object that has been base 64 encoded.
X-Relevant-Roles
- The roles this user was granted access based on.
The following filters are used to populate the Required Request Headers:
Keystone v2 filter - Populates the X-Map-Roles
header needed to determine the appropriate tenant ids.
Simple RBAC filter / API Validator filter - Either one is required because they set the X-Relevant-Roles
header.
X-Tenant-Id
- The tenants that match the roles this request was authorized with.
X-Map-Roles
- The mapping will be updated to only contain those tenants that have a role that matched against relevant roles.
These headers prior values will be overwritten where existent. |