d5a1b27a8f
This patch addresses the following issues in OpenID Connect federated authentication and enables WebSSO as well as non-WebSSO authentication flows. - WSGIScriptAliasMatch has been removed because default puppet-keystone defines a ScriptAlias for the root, effectively creating a redundant configuration. - Added a new parameter `openidc_response_type` to the `openidc` class which allows you to select the provider response type. This is useful for when providers don't support default `id_token`. - Removed `openidc_redirect_uri` from the `openidc_httpd_configuration` class in order to be able to build the entire URL in the template for both WebSSO and non-WebSSO OpenID connect flows With this patch, users have the ability to get a fully configured WebSSO setup out of the box. Change-Id: I00f57dc92e794aef826a023dcf92f0ce62ffed67 |
||
|---|---|---|
| .. | ||
| mellon.conf.erb | ||
| openidc.conf.erb | ||
| shibboleth.conf.erb | ||