Hi, I'm implementing the feature of "Identity Provider Specific WebSSO" on RHEL7+RHOSP8, according to the document: http://docs.openstack.org/developer/keystone/configure_federation.html. In the part of "Configure Apache to use a federation capable authentication method", I choose Mellon protocol for federation authentication. When setting up mellon, according to the document: http://docs.openstack.org/developer/keystone/federation/mellon.html, there is a step, "wget --cacert /path/to/ca.crt -O /etc/httpd/mellon/idp-metadata.xml https://idp.fqdn/idp/saml2/metadata". what's the meaning of this parameter,“https://idp.fqdn/idp/saml2/metadata” Also, which external identity provider should i choose. Could you please help me ? Best regards, schmitt -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160511/578219e2/attachment.html>