[Openstack] Federated Identity And Identity Provider Specific WebSSO
ayoung at redhat.com
Thu May 12 03:54:51 UTC 2016
On 05/11/2016 11:08 AM, schmitt wrote:
> I'm implementing the feature of "Identity Provider Specific WebSSO" on
> according to the document:
> In the part of "Configure Apache to use a federation capable
> authentication method",
> I choose Mellon protocol for federation authentication.
> When setting up mellon, according to the document:
> there is a step, "wget --cacert /path/to/ca.crt -O
> /etc/httpd/mellon/idp-metadata.xml https://idp.fqdn/idp/saml2/metadata".
> what's the meaning of
> this parameter,“https://idp.fqdn/idp/saml2/metadata”
We went through a whole process to automate this, talking to the Ipsilon
IdP. Documented in Ansible:
The steps specific to Mellon are here:
Ipsilon is Python, light weight, and in use by the Fedora team.
My team is currently working on getting Federation to work with
Keycloak, but I don't have that wokring and documented yet. Keycloak is
a very nice, full featured app, But Java and JBoss, which might work for
some people and not for others.
> Also, which external identity provider should i choose.
> Could you please help me ?
> Best regards,
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack at lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openstack