[openstack-ansible] Keystone federation with OpenID needs shibboleth
Taltavull Jean-Francois
jean-francois.taltavull at elca.ch
Wed May 5 15:26:59 UTC 2021
Hi All,
I'm trying to make keystone federation with openid connect work on an Ubuntu 20.04 + Victoria cloud deployed with OSA.
Despite the fact that I use openid, shibboleth seems to be involved and I had to add "ShibCompatValidUser On" directive to the file "/etc/apache2/conf-available/shib.conf", by hand in the keystone lxc container, in order to successfully authenticate ("valid user: granted" an not "valid user: denied" in apache log file).
Has anyone already experienced this use case ?
Thanks and best regards,
Jean-Francois
More information about the openstack-discuss
mailing list