openstack/openstack-manuals
Code Issues Proposed changes
ae6dd0ffb3
openstack-manuals/doc/common/tables/keystone-federation.xml
Gauvain Pocentek a6d957b61e [config-ref] Updated options for keystone 
Change-Id: Ia878d852d1b7ccde4be3c7618dd1607eec3d7af9
2015-07-15 06:39:27 +02:00

47 lines
2.6 KiB
XML
Raw Blame History

<?xml version='1.0' encoding='UTF-8'?>
<para xmlns="http://docbook.org/ns/docbook" version="5.0">
<!-- Warning: Do not edit this file. It is automatically
generated and your changes will be overwritten.
The tool to do so lives in openstack-doc-tools repository. -->
<table rules="all" xml:id="config_table_keystone_federation">
<caption>Description of federation configuration options</caption>
<col width="50%"/>
<col width="50%"/>
<thead>
<tr>
<th>Configuration option = Default value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<th colspan="2">[federation]</th>
</tr>
<tr>
<td><option>assertion_prefix</option> = <replaceable></replaceable></td>
<td>(StrOpt) Value to be used when filtering assertion parameters from the environment.</td>
</tr>
<tr>
<td><option>driver</option> = <replaceable>sql</replaceable></td>
<td>(StrOpt) Entrypoint for the federation backend driver in the keystone.federation namespace.</td>
</tr>
<tr>
<td><option>federated_domain_name</option> = <replaceable>Federated</replaceable></td>
<td>(StrOpt) A domain name that is reserved to allow federated ephemeral users to have a domain concept. Note that an admin will not be able to create a domain with this name or update an existing domain to this name. You are not advised to change this value unless you really have to. Changing this option to empty string or None will not have any impact and default name will be used.</td>
</tr>
<tr>
<td><option>remote_id_attribute</option> = <replaceable>None</replaceable></td>
<td>(StrOpt) Value to be used to obtain the entity ID of the Identity Provider from the environment (e.g. if using the mod_shib plugin this value is `Shib-Identity-Provider`).</td>
</tr>
<tr>
<td><option>sso_callback_template</option> = <replaceable>/etc/keystone/sso_callback_template.html</replaceable></td>
<td>(StrOpt) Location of Single Sign-On callback handler, will return a token to a trusted dashboard host.</td>
</tr>
<tr>
<td><option>trusted_dashboard</option> = <replaceable>[]</replaceable></td>
<td>(MultiStrOpt) A list of trusted dashboard hosts. Before accepting a Single Sign-On request to return a token, the origin host must be a member of the trusted_dashboard list. This configuration option may be repeated for multiple values. For example: trusted_dashboard=http://acme.com trusted_dashboard=http://beta.com</td>
</tr>
</tbody>
</table>
</para>
View Git Blame Copy Permalink