[mitaka][keystone] Authentication over keycloak server possible?
Hi, we have an OpenStack Mitaka installation running (yes I know it's pretty old ;-) ) at our lab and would like to use the keycloak-server from the central IT for authentication. So I would like to know if it is already possible in mitaka to use this external keycloak server or if this only possible in a later OpenStack version? Maybe anyone know and if yes is there any documentation how to do it? Was searching for it but found not much about it by now... Thanks :) Kind regards Michael Michael Stang Laboringenieur, Dipl. Inf. (FH) Duale Hochschule Baden-Württemberg Mannheim Baden-Wuerttemberg Cooperative State University Mannheim ZeMath Zentrum für mathematisch-naturwissenschaftliches Basiswissen Fachbereich Informatik, Fakultät Technik Coblitzallee 1-9 68163 Mannheim michael.stang@dhbw-mannheim.de mailto:michael.stang@dhbw-mannheim.de http://www.mannheim.dhbw.de http://www.dhbw-mannheim.de/
Hi Michael, It is possible to use Keycloak as an identity provider and federate over SAML 2.0 or OpenID Connect. Please see this documentation for more details https://docs.openstack.org/keystone/latest/admin/federation/configure_federa... There are a few improvements in later versions with regards to federation, so I would advise upgrading if possible. Most importantly, Mitaka has been End Of Life, and hence unsupported since 2017-04-10. But outside of that, you’re good to go. Best, Kristi From: Michael Stang <michael.stang@dhbw-mannheim.de> Date: Friday, November 29, 2019 at 9:25 AM To: "openstack-discuss@lists.openstack.org" <openstack-discuss@lists.openstack.org> Subject: [mitaka][keystone] Authentication over keycloak server possible? Hi, we have an OpenStack Mitaka installation running (yes I know it's pretty old ;-) ) at our lab and would like to use the keycloak-server from the central IT for authentication. So I would like to know if it is already possible in mitaka to use this external keycloak server or if this only possible in a later OpenStack version? Maybe anyone know and if yes is there any documentation how to do it? Was searching for it but found not much about it by now... Thanks :) Kind regards Michael Michael Stang Laboringenieur, Dipl. Inf. (FH) Duale Hochschule Baden-Württemberg Mannheim Baden-Wuerttemberg Cooperative State University Mannheim ZeMath Zentrum für mathematisch-naturwissenschaftliches Basiswissen Fachbereich Informatik, Fakultät Technik Coblitzallee 1-9 68163 Mannheim michael.stang@dhbw-mannheim.de <mailto:michael.stang@dhbw-mannheim.de>http://www.mannheim.dhbw.de<http://www.dhbw-mannheim.de/> [cid:7e0b1716-5d14-479c-b601-30379f07106a]
Hi Kristi, great, many thanks for the link, I will give this a try :-) Kind regrads, Michael "Nikolla, Kristi" <knikolla@bu.edu> hat am 2. Dezember 2019 um 16:26 geschrieben:
Hi Michael,
It is possible to use Keycloak as an identity provider and federate over SAML 2.0 or OpenID Connect. Please see this documentation for more details https://docs.openstack.org/keystone/latest/admin/federation/configure_federa... https://docs.openstack.org/keystone/latest/admin/federation/configure_federa...
There are a few improvements in later versions with regards to federation, so I would advise upgrading if possible. Most importantly, Mitaka has been End Of Life, and hence unsupported since 2017-04-10. But outside of that, you’re good to go.
Best,
Kristi
From: Michael Stang <michael.stang@dhbw-mannheim.de> Date: Friday, November 29, 2019 at 9:25 AM To: "openstack-discuss@lists.openstack.org" <openstack-discuss@lists.openstack.org> Subject: [mitaka][keystone] Authentication over keycloak server possible?
Hi,
we have an OpenStack Mitaka installation running (yes I know it's pretty old ;-) ) at our lab and would like to use the keycloak-server from the central IT for authentication.
So I would like to know if it is already possible in mitaka to use this external keycloak server or if this only possible in a later OpenStack version? Maybe anyone know and if yes is there any documentation how to do it? Was searching for it but found not much about it by now...
Thanks :)
Kind regards
Michael
Michael Stang Laboringenieur, Dipl. Inf. (FH)
Duale Hochschule Baden-Württemberg Mannheim Baden-Wuerttemberg Cooperative State University Mannheim ZeMath Zentrum für mathematisch-naturwissenschaftliches Basiswissen Fachbereich Informatik, Fakultät Technik Coblitzallee 1-9 68163 Mannheim
michael.stang@dhbw-mannheim.de mailto:michael.stang@dhbw-mannheim.de http://www.mannheim.dhbw.de http://www.dhbw-mannheim.de/
participants (2)
-
Michael Stang
-
Nikolla, Kristi