openstack/keystone
Code Issues Proposed changes

Add missing documentation for enabling federation auth plugin

Browse Source 
The saml2 method and plugin must be declared in keystone.conf for
federation to be completely enabled.

Change-Id: Id68ffdc8a84d093406c836ee6988bfdb9e58d50f
Closes-Bug: #1290582
Co-Authored-By: Florent Flament <florent.flament-ext@cloudwatt.com>
This commit is contained in:
Matthieu Huin 2014-03-10 23:47:56 +01:00
parent 126179129f
commit 989dd7142f
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
doc/source/extensions/federation-configuration.rst
View File

@ -26,7 +26,14 @@ To enable the federation extension:
[federation] [federation]
driver = keystone.contrib.federation.backends.sql.Federation driver = keystone.contrib.federation.backends.sql.Federation
2. Add the ``federation_extension`` middleware to the ``api_v3`` pipeline in 2. Add the ``saml2`` authentication method to the ``[auth]`` section in
``keystone.conf``::
[auth]
methods = external,password,token,saml2
saml2 = keystone.auth.plugins.saml2.Saml2
3. Add the ``federation_extension`` middleware to the ``api_v3`` pipeline in
``keystone-paste.ini``. For example:: ``keystone-paste.ini``. For example::
[pipeline:api_v3] [pipeline:api_v3]
@ -34,7 +41,7 @@ To enable the federation extension:
xml_body json_body ec2_extension s3_extension federation_extension xml_body json_body ec2_extension s3_extension federation_extension
service_v3 service_v3
3. Create the federation extension tables if using the provided SQL backend. 4. Create the federation extension tables if using the provided SQL backend.
For example:: For example::
./bin/keystone-manage db_sync --extension federation ./bin/keystone-manage db_sync --extension federation