[openstack-dev] Specify a domain in mapping rules

J. Pablo Martín Cobos goinnn at gmail.com
Thu Jun 18 11:04:52 UTC 2015 

Hi all,

I'm a Python/Django software developer [1].  We have to do an integration
of OpenStack and a Shibboleth IdP in my current project.

This is not a easy feature to configure... but finally we got it :-) Now we
only need specify a domain for the user different to the "Federated"
default domain. This domain depends on an attribute from the IdP.

Is it possible to get with stable/kilo branch? Is it a feature for the next
 release? [2] These are my rules:

[
    {
        "local": [
            {
                "user": {
                    "name": "{0}",
                    "domain": {
                        "name": "{1}"
                    }
                }
            },
            {
                "group": {
                    "id": "0ff59ec2f97646eb9350fe75478f9600"
                }
            }
        ],
        "remote": [
            {
                "type": "identity"
            },
            {
                "type": "domain"
            }
        ]
    }
]

I have tested with a lot of rules with little changes:

"domain": {
    "name": "Default"
}

or

"domain": {
    "id": "default"
}

or

"domain": {
    "id": "14321243"
}

etc... and this never works :-(

Could you help me?

REF's

1. https://github.com/goinnn
2.
https://github.com/openstack/keystone-specs/blob/master/api/v3/identity-api-v3-os-federation-ext.rst

Thanks a lot!!,

--

Pablo Martín
Software engineer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150618/7e2423d0/attachment.html>

More information about the OpenStack-dev mailing list