![]() Make corrections to the mod_auth_mellon federation documentation for consistency and clarity, including: - Remove reference to shibboleth.xml when explaining the remote-id attribute in the main federation configuration instructions, as this does not generalize to all IdPs - Change references from /etc/httpd to /etc/apache2 because the document begins with an apt-get so it follows that the rest of the examples should assume a Debian-like environment - Change references to example IdP 'idp_1' to 'myidp' for consistency with the shibboleth examples - Change references to example protocol 'saml2' to 'mapped' since the saml2 auth plugin was removed[1] - Remove references to wsgi-keystone.conf since devstack just calls it keystone.conf, and enabling this vhost is already covered in the "Running Keystone in HTTPD" section - Remove reference to the ssl mod: it's obviously recommended but not strictly relevant to this topic - Remove instruction to restart apache immediately after enabling auth_mellon, as it would fail while Mellon is not yet fully configured. The document already mentions restarting apache after Mellon is configured. - Add a link to the mellon_create_metadata.sh script, since this does not come as an executable with the mod package. - Add tip about the SP metadata file generated by mod_auth_mellon - Move paragraph about fetching the IdP metadata to the end of the section so that the information about generating and uploading the SP metadata is grouped together [1] https://review.openstack.org/#/c/374508/ Change-Id: I47255db5e762bd2d2901b78afba2b1efa0c0f224 |
||
---|---|---|
api-ref/source | ||
config-generator | ||
devstack | ||
doc | ||
etc | ||
examples/pki | ||
httpd | ||
keystone | ||
keystone_tempest_plugin | ||
rally-jobs | ||
releasenotes | ||
tools | ||
.coveragerc | ||
.gitignore | ||
.gitreview | ||
.mailmap | ||
.testr.conf | ||
CONTRIBUTING.rst | ||
HACKING.rst | ||
LICENSE | ||
README.rst | ||
babel.cfg | ||
bindep.txt | ||
requirements.txt | ||
setup.cfg | ||
setup.py | ||
test-requirements.txt | ||
tox.ini |
README.rst
Team and repository tags
OpenStack Keystone
Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP.
Developer documentation, the source of which is in
doc/source/
, is published at:
The API specification and documentation are available at:
The canonical client library is available at:
https://git.openstack.org/cgit/openstack/python-keystoneclient
Documentation for cloud administrators is available at:
The source of documentation for cloud administrators is available at:
Information about our team meeting is available at:
Bugs and feature requests are tracked on Launchpad at:
Future design work is tracked at:
https://specs.openstack.org/openstack/keystone-specs/#identity-program-specifications
Contributors are encouraged to join IRC
(#openstack-keystone
on freenode):
For information on contributing to Keystone, see
CONTRIBUTING.rst
.