Actually, this isn't trusts, if I understand it correctly, but rather the REMOTE_USER patch that went in earlier. THe short version is that you run keystone in Apache, and set up strong authentication in Apache. REMOTE_USER is from the wsgi (Python CGI) contract. It is the variable set by Apache and sent to Keystone saying the username of the authenticated user. Will that work for you? On 02/06/2013 09:58 AM, Dolph Mathews wrote: > Adam Young is working on introducing delegation in grizzly: > https://blueprints.launchpad.net/keystone/+spec/trusts > > I'm sure he'd appreciate some help if you'd like to contribute! > > > -Dolph > > > On Wed, Feb 6, 2013 at 8:54 AM, Mballo Cherif > <Cherif.Mballo at gemalto.com <mailto:Cherif.Mballo at gemalto.com>> wrote: > > Hi everybody ! > > I am wondering if it's possible to delegate keystone > Authentication to an Authentication against a server (I have one > Strong Authentication server) or an Identity Provider? > > If I make modification on keystoneclient code it may be possible? > > Any ideas? Please help me! > > Thanks ! > > Sherif! > > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > <https://launchpad.net/%7Eopenstack> > Post to : openstack at lists.launchpad.net > <mailto:openstack at lists.launchpad.net> > Unsubscribe : https://launchpad.net/~openstack > <https://launchpad.net/%7Eopenstack> > More help : https://help.launchpad.net/ListHelp > > > > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack at lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130206/388e3bc7/attachment.html>