Open Stack

Hello,
You need enable keystone debug log to find exact what is wrong,
Nguyen Huu Khoi


On Wed, Jul 5, 2023 at 4:48 AM James Leong <jamesleong123098 at gmail.com>
wrote:

> Hi All,
>
> I am using the yoga version of OpenStack with the deployment tool of
> kolla-ansible. I am currently facing the below error when logging in via
> federated login using Globus Auth.
>
> " Login failed: An error occurred authenticating. Please try again later."
>
> When attempting to login, we are able to redirect the page to globus and
> process the request. However, when it comes back to the horizon login page,
> I am getting an authentication error. I have set up my keystone identity
> provider in globals.yml as below.
>
> keystone_identity_providers:
>   - name: "globus"
>     openstack_domain: "Default"
>     protocol: "openid"
>     identifier: "https://auth.globus.org"
>     public_name: "Authenticate via Globus Auth"
>     attribute_mapping: "globus"
>     metadata_folder: "/home/user/osmetadata"
>     keystone_federation_oidc_jwks_uri: "https://auth.globus.org/jwk.json"
>
> keystone_identity_mappings:
>   - name: "globus"
>     file: "/home/user/globus.json"
>
> Apart from specifying the identity provider and mapping, below are the
> other configurations we have set up when deploying.
>
> kolla_enable_tls_internal: "no"
> kolla_enable_tls_external: "yes"
> kolla_enable_tls_backend: "no"
> kolla_verify_tls_backend: "yes"
>
> Thanks for the help,
> James
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.openstack.org/pipermail/openstack-discuss/attachments/20230705/4eb073d8/attachment.htm>