Open Stack

Hi All,

I am using the yoga version of OpenStack with the deployment tool of
kolla-ansible. I am currently facing the below error when logging in via
federated login using Globus Auth.

" Login failed: An error occurred authenticating. Please try again later."

When attempting to login, we are able to redirect the page to globus and
process the request. However, when it comes back to the horizon login page,
I am getting an authentication error. I have set up my keystone identity
provider in globals.yml as below.

keystone_identity_providers:
  - name: "globus"
    openstack_domain: "Default"
    protocol: "openid"
    identifier: "https://auth.globus.org"
    public_name: "Authenticate via Globus Auth"
    attribute_mapping: "globus"
    metadata_folder: "/home/user/osmetadata"
    keystone_federation_oidc_jwks_uri: "https://auth.globus.org/jwk.json"

keystone_identity_mappings:
  - name: "globus"
    file: "/home/user/globus.json"

Apart from specifying the identity provider and mapping, below are the
other configurations we have set up when deploying.

kolla_enable_tls_internal: "no"
kolla_enable_tls_external: "yes"
kolla_enable_tls_backend: "no"
kolla_verify_tls_backend: "yes"

Thanks for the help,
James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.openstack.org/pipermail/openstack-discuss/attachments/20230704/363de080/attachment.htm>