[Openstack] Keystone federation (in general and for Swift)

Vincenzo Pii vinc.pii at gmail.com
Tue Jul 14 15:20:27 UTC 2015


I would like to federate keystone with an IdP that has SSO to let those
user access Swift without duplicating any information on the keystone
database (I would install OpenStack with just keystone and Swift).

I have two questions about this.

1) Is there any good resource explaining how to configure the federation? I
am not sure if the page at [1] is updated with the improvements that were
added in kilo.

2) With no user information on the keystone database, will Swift work
completely? For example, how will swift accounts be created? As soon as
there is a mapping between a property and a tenant/project, keystone will
create the corresponding swift account even if there is no such entity in
the keystone DB?

Many thanks,
Vincenzo.

[1]: http://docs.openstack.org/developer/keystone/configure_federation.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20150714/05cb451e/attachment.html>


More information about the Openstack mailing list