759c626987
This patch aim to configure Keystone to use Mellon according to [1] [1] http://docs.openstack.org/developer/keystone/federation/mellon.html Change-Id: I092ea274bd3aa6aa2fd59d01bd2af48744f37240
17 lines
1.0 KiB
Plaintext
17 lines
1.0 KiB
Plaintext
WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ <%= scope['keystone::params::keystone_wsgi_script_path'] -%>/$1
|
|
|
|
<Location /v3>
|
|
MellonEnable "info"
|
|
MellonSPPrivateKeyFile <%= scope['apache::mod_dir']-%>/mellon/http_keystone.fqdn.key
|
|
MellonSPCertFile <%= scope['apache::mod_dir']-%>/mellon/http_keystone.fqdn.cert
|
|
MellonSPMetadataFile <%= scope['apache::mod_dir']-%>/mellon/http_keystone.fqdn.xml
|
|
MellonIdPMetadataFile <%= scope['apache::mod_dir']-%>/mellon/idp-metadata.xml
|
|
MellonEndpointPath /v3/OS-FEDERATION/identity_providers/<%= scope['keystone::federation::mellon::idp_name']-%>/protocols/<%= scope['keystone::federation::mellon::protocol_name']-%>/auth/mellon
|
|
MellonIdP "IDP"
|
|
</Location>
|
|
|
|
<Location /v3/OS-FEDERATION/identity_providers/<%= scope['keystone::federation::mellon::idp_name']-%>/protocols/<%= scope['keystone::federation::mellon::protocol_name']-%>/auth>
|
|
AuthType "Mellon"
|
|
MellonEnable "auth"
|
|
</Location>
|