Add warning about using external
with federation
Using both the `external` authentication method and a federation method (such as saml2, etc) can result in conflicts [1] [1] http://docs.openstack.org/developer/keystone/external-auth.html#configuration Change-Id: Ifb95d779d48c14a4fa24a26d016151edf409d760 Related-Bug: #1657978
This commit is contained in:
parent
0a4ca273ae
commit
a551b94dd7
@ -20,7 +20,11 @@ methods = cfg.ListOpt(
|
||||
'methods',
|
||||
default=constants._DEFAULT_AUTH_METHODS,
|
||||
help=utils.fmt("""
|
||||
Allowed authentication methods.
|
||||
Allowed authentication methods. Note: You should disable the `external` auth
|
||||
method if you are currently using federation. External auth and federation
|
||||
both use the REMOTE_USER variable. Since both the mapped and external plugin
|
||||
are being invoked to validate attributes in the request environment, it can
|
||||
cause conflicts.
|
||||
"""))
|
||||
|
||||
password = cfg.StrOpt( # nosec : This is the name of the plugin, not
|
||||
|
Loading…
Reference in New Issue
Block a user