[Openstack-operators] Specify a domain in mapping rules

J. Pablo Martín Cobos goinnn at gmail.com
Fri Jun 19 06:51:37 UTC 2015 

Hi all,

I'm a Python/Django software developer [1].  We have to do an integration
of OpenStack and a Shibboleth IdP in my current project.

This is not a easy feature to configure... but finally we got it :-) Now we
only need specify a domain for the user different to the "Federated"
default domain. This domain depends on an attribute from the IdP.

Is it possible to get with stable/kilo branch? Is it a feature for the next
 release? [2] These are my rules:

[
    {
        "local": [
            {
                "user": {
                    "name": "{0}",
                    "domain": {
                        "name": "{1}"
                    }
                }
            },
            {
                "group": {
                    "id": "0ff59ec2f97646eb9350fe75478f9600"
                }
            }
        ],
        "remote": [
            {
                "type": "identity"
            },
            {
                "type": "domain"
            }
        ]
    }
]

I have tested with a lot of rules with little changes:

"domain": {
    "name": "Default"
}

or

"domain": {
    "id": "default"
}

or

"domain": {
    "id": "14321243"
}

etc... and this never works :-(

Could you help me?

REF's

1. https://github.com/goinnn
2.
https://github.com/openstack/keystone-specs/blob/master/api/v3/identity-api-v3-os-federation-ext.rst

Thanks a lot!!,


--

Pablo Martín
Software engineer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150619/fe281b2a/attachment.html>

More information about the OpenStack-operators mailing list