[mitaka][keystone] Authentication over keycloak server possible?
Hi,
we have an OpenStack Mitaka installation running (yes I know it's pretty old ;-) ) at our lab and would like to use the keycloak-server from the central IT for authentication.
So I would like to know if it is already possible in mitaka to use this external keycloak server or if this only possible in a later OpenStack version? Maybe anyone know and if yes is there any documentation how to do it? Was searching for it but found not much about it by now...
Thanks :)
Kind regards
Michael
Michael Stang Laboringenieur, Dipl. Inf. (FH)
Duale Hochschule Baden-Württemberg Mannheim Baden-Wuerttemberg Cooperative State University Mannheim ZeMath Zentrum für mathematisch-naturwissenschaftliches Basiswissen Fachbereich Informatik, Fakultät Technik Coblitzallee 1-9 68163 Mannheim
michael.stang@dhbw-mannheim.de mailto:michael.stang@dhbw-mannheim.de http://www.mannheim.dhbw.de http://www.dhbw-mannheim.de/
Hi Michael,
It is possible to use Keycloak as an identity provider and federate over SAML 2.0 or OpenID Connect. Please see this documentation for more details https://docs.openstack.org/keystone/latest/admin/federation/configure_federa...
There are a few improvements in later versions with regards to federation, so I would advise upgrading if possible. Most importantly, Mitaka has been End Of Life, and hence unsupported since 2017-04-10. But outside of that, you’re good to go.
Best, Kristi
From: Michael Stang michael.stang@dhbw-mannheim.de Date: Friday, November 29, 2019 at 9:25 AM To: "openstack-discuss@lists.openstack.org" openstack-discuss@lists.openstack.org Subject: [mitaka][keystone] Authentication over keycloak server possible?
Hi,
we have an OpenStack Mitaka installation running (yes I know it's pretty old ;-) ) at our lab and would like to use the keycloak-server from the central IT for authentication.
So I would like to know if it is already possible in mitaka to use this external keycloak server or if this only possible in a later OpenStack version? Maybe anyone know and if yes is there any documentation how to do it? Was searching for it but found not much about it by now...
Thanks :)
Kind regards
Michael
Michael Stang Laboringenieur, Dipl. Inf. (FH)
Duale Hochschule Baden-Württemberg Mannheim Baden-Wuerttemberg Cooperative State University Mannheim ZeMath Zentrum für mathematisch-naturwissenschaftliches Basiswissen Fachbereich Informatik, Fakultät Technik Coblitzallee 1-9 68163 Mannheim
michael.stang@dhbw-mannheim.de mailto:michael.stang@dhbw-mannheim.dehttp://www.mannheim.dhbw.dehttp://www.dhbw-mannheim.de/
[cid:7e0b1716-5d14-479c-b601-30379f07106a]
Hi Kristi,
great, many thanks for the link, I will give this a try :-)
Kind regrads,
Michael
"Nikolla, Kristi" knikolla@bu.edu hat am 2. Dezember 2019 um 16:26 geschrieben:
Hi Michael, It is possible to use Keycloak as an identity provider and federate over SAML 2.0 or OpenID Connect. Please see this documentation for more details https://docs.openstack.org/keystone/latest/admin/federation/configure_federation.html#keystone-as-a-service-provider-sp https://docs.openstack.org/keystone/latest/admin/federation/configure_federation.html#keystone-as-a-service-provider-sp There are a few improvements in later versions with regards to federation, so I would advise upgrading if possible. Most importantly, Mitaka has been End Of Life, and hence unsupported since 2017-04-10. But outside of that, you’re good to go. Best, Kristi From: Michael Stang <michael.stang@dhbw-mannheim.de> Date: Friday, November 29, 2019 at 9:25 AM To: "openstack-discuss@lists.openstack.org" <openstack-discuss@lists.openstack.org> Subject: [mitaka][keystone] Authentication over keycloak server possible? Hi, we have an OpenStack Mitaka installation running (yes I know it's pretty old ;-) ) at our lab and would like to use the keycloak-server from the central IT for authentication. So I would like to know if it is already possible in mitaka to use this external keycloak server or if this only possible in a later OpenStack version? Maybe anyone know and if yes is there any documentation how to do it? Was searching for it but found not much about it by now... Thanks :) Kind regards Michael Michael Stang Laboringenieur, Dipl. Inf. (FH) Duale Hochschule Baden-Württemberg Mannheim Baden-Wuerttemberg Cooperative State University Mannheim ZeMath Zentrum für mathematisch-naturwissenschaftliches Basiswissen Fachbereich Informatik, Fakultät Technik Coblitzallee 1-9 68163 Mannheim michael.stang@dhbw-mannheim.de mailto:michael.stang@dhbw-mannheim.de http://www.mannheim.dhbw.de http://www.dhbw-mannheim.de/
participants (2)
-
Michael Stang
-
Nikolla, Kristi