[Openstack] [openstack][keystone] Using X.509 External Authentication with OpenStack Identity

David Chadwick d.w.chadwick at kent.ac.uk
Thu Oct 24 09:15:24 UTC 2013

I think you need the attribute mapping functionality that is currently 
being specified here

The API says how to set up the mappings (though currently not how to 
apply them. This will be an internal method in the first instance.) It 
is designed for situations like the one you mention when externally 
assigned attributes are different to the ones used by Keystone



On 23/10/2013 23:35, Colin Leavett-Brown wrote:
> The havana configuration reference contains a section on how to
> configure keystone to accept x.509 certificates. How does one map x.509
> credentials to keystone IDs, projects, roles and privileges?
> _______________________________________________
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

More information about the Openstack mailing list