master
stable/wallaby
stable/xena
stable/zed
stable/train
stable/ussuri
stable/victoria
stable/yoga
wallaby-em
18.6.0
21.0.0
stein-eol
rocky-eol
victoria-em
17.5.0
queens-eol
20.3.0
20.2.0
18.5.0
20.1.0
ussuri-em
16.4.0
20.0.0
19.4.0
19.3.0
19.2.0
19.1.0
train-em
19.0.0
15.5.0
18.4.0
18.3.0
18.2.0
18.1.0
18.0.0
stein-em
pike-eol
ocata-eol
17.4.0
17.3.0
17.2.0
17.1.0
16.3.0
16.2.1
16.2.0
rocky-em
16.1.0
16.0.0
queens-em
15.4.0
15.2.0
15.1.0
15.0.0
pike-em
11.6.0
ocata-em
14.4.0
14.3.0
14.2.0
newton-eol
14.1.0
13.3.1
13.3.0
13.1.0
13.0.0
12.4.0
12.3.0
12.2.0
10.4.0
11.4.0
9.6.0
12.1.0
11.3.1
12.0.0
11.3.0
11.2.0
mitaka-eol
11.1.0
10.3.1
8.3.0
11.0.0
10.3.0
9.5.0
10.2.0
10.1.0
liberty-eol
10.0.0
9.4.0
folsom-eol
essex-eol
juno-eol
icehouse-eol
havana-eol
grizzly-eol
9.3.0
9.2.0
8.2.0
9.1.0
kilo-eol
9.0.0
8.1.0
7.1.0
8.0.0
8.0.0b1
7.0.0
6.1.0
5.2.0
6.0.0
5.1.0
5.0.0
4.2.0
2.1.0
1.0.1
1.0.0
0.2.0
0.1.0
2.0.0
3.0.0
3.0.0-rc1
3.0.0-rc2
3.0.0-rc3
3.1.0
3.1.1
3.2.0
4.0.0
4.1.0
${ noResults }
5 Commits (2b391b409dd9642bb3bf095549e325111291f3bf)
| Author | SHA1 | Message | Date |
|---|---|---|---|
Tobias Urdin
|
ace7aeb3b7 |
Remove port 35357 deployment
The legacy admin and public ports for Keystone has since the release of the v3 API not been required as keystone moved all actions to the same API. [1] This patch removes the deployment of port 35357 and remodels puppet-keystone and more specifically the keystone::wsgi::apache class to only deploy keystone on port 5000. This has already been changed in the installation guides [2] and is the recommend way to deploy keystone. We have already prepared all our modules default values to use port 5000 instead of 35357 a while ago and we also in the Rocky release informed our users with a release note that this would be performed [3] [1] https://github.com/openstack/keystone/blob/master/keystone/server/wsgi.py [2] https://docs.openstack.org/keystone/rocky/install/keystone-install-obs.html [3] https://review.openstack.org/#/c/586791/ Closes-Bug: 1804426 Depends-On: https://review.openstack.org/#/c/627793/ Change-Id: I726cd9408d20f868b2b5337ef2df4da458904e51 |
4 years ago |
|
Lars Kellogg-Stedman
|
8e44af162b |
update support for openidc in puppet-keystone
The existing openidc support in puppet-keystone was incomplete and would result in invalid Apache configurations. This commit updates the openidc federation to work with modern Keystone and abstracts out some common parameters for use in other federated identity modules. Co-Authored-By: Nathan Kinder <nkinder@redhat.com> Change-Id: I200011e2e0ffd01a2aa26df8a03f03151eb64150 |
4 years ago |
|
Mohammed Naser
|
d5a1b27a8f |
Resolve OpenID Connect Integration issues
This patch addresses the following issues in OpenID Connect federated authentication and enables WebSSO as well as non-WebSSO authentication flows. - WSGIScriptAliasMatch has been removed because default puppet-keystone defines a ScriptAlias for the root, effectively creating a redundant configuration. - Added a new parameter `openidc_response_type` to the `openidc` class which allows you to select the provider response type. This is useful for when providers don't support default `id_token`. - Removed `openidc_redirect_uri` from the `openidc_httpd_configuration` class in order to be able to build the entire URL in the template for both WebSSO and non-WebSSO OpenID connect flows With this patch, users have the ability to get a fully configured WebSSO setup out of the box. Change-Id: I00f57dc92e794aef826a023dcf92f0ce62ffed67 |
6 years ago |
|
Carlos Camacho
|
08c30f7550 |
Fix puppet-lint before upgrading gem
Removing puppet-lint warnings in favor of upgrading to latest gem 2016-09-13 21:10:29.621198 | manifests/federation/mellon.pp:70:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621299 | manifests/federation/openidc.pp:1:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621338 | manifests/federation/openidc_httpd_configuration.pp:2:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621371 | manifests/federation/shibboleth.pp:80:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621400 | manifests/init.pp:749:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621428 | manifests/init.pp:862:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621456 | manifests/init.pp:869:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621483 | manifests/init.pp:870:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621510 | manifests/init.pp:923:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621537 | manifests/init.pp:927:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621564 | manifests/init.pp:931:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621592 | manifests/init.pp:935:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621633 | manifests/init.pp:939:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621662 | manifests/init.pp:943:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621689 | manifests/init.pp:1062:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621717 | manifests/init.pp:1067:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621742 | manifests/ldap.pp:468:ERROR: trailing whitespace found 2016-09-13 21:10:29.621771 | manifests/ldap_backend.pp:465:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621800 | manifests/wsgi/apache.pp:282:WARNING: line has more than 140 characters 2016-09-13 21:10:29.621824 | tests/site.pp:24:WARNING: unquoted node name found 2016-09-13 21:10:29.621848 | tests/site.pp:43:WARNING: unquoted node name found Change-Id: Ia308a08b002074d2393dc488a8ccc5429d675533 |
6 years ago |
|
Graeme Gillies
|
9fd52ae7b4 |
Added federation support for OpenID Connect with mod_auth_openidc
Change-Id: I710de4f38b899ab04cec8b3c5188e8a383bec18c |
7 years ago |