From 989dd7142f3f882ad37b5eae57c9c8f9cd57ccca Mon Sep 17 00:00:00 2001 From: Matthieu Huin Date: Mon, 10 Mar 2014 23:47:56 +0100 Subject: [PATCH] Add missing documentation for enabling federation auth plugin The saml2 method and plugin must be declared in keystone.conf for federation to be completely enabled. Change-Id: Id68ffdc8a84d093406c836ee6988bfdb9e58d50f Closes-Bug: #1290582 Co-Authored-By: Florent Flament --- doc/source/extensions/federation-configuration.rst | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/doc/source/extensions/federation-configuration.rst b/doc/source/extensions/federation-configuration.rst index 854ecfbd58..a1b9bd4674 100644 --- a/doc/source/extensions/federation-configuration.rst +++ b/doc/source/extensions/federation-configuration.rst @@ -26,7 +26,14 @@ To enable the federation extension: [federation] driver = keystone.contrib.federation.backends.sql.Federation -2. Add the ``federation_extension`` middleware to the ``api_v3`` pipeline in +2. Add the ``saml2`` authentication method to the ``[auth]`` section in + ``keystone.conf``:: + + [auth] + methods = external,password,token,saml2 + saml2 = keystone.auth.plugins.saml2.Saml2 + +3. Add the ``federation_extension`` middleware to the ``api_v3`` pipeline in ``keystone-paste.ini``. For example:: [pipeline:api_v3] @@ -34,7 +41,7 @@ To enable the federation extension: xml_body json_body ec2_extension s3_extension federation_extension service_v3 -3. Create the federation extension tables if using the provided SQL backend. +4. Create the federation extension tables if using the provided SQL backend. For example:: ./bin/keystone-manage db_sync --extension federation