On 08/12/17 11:47, Lance Bragstad wrote:
>
> On 12/07/2017 12:27 PM, Colleen Murphy wrote:
>> On Thu, Dec 7, 2017 at 5:37 PM, Pavlo Shchelokovskyy
>> wrote:
>>> Hi all,
>>>
>>> We have a following use case - several independent keystones (say KeyA and
>>> KeyB), using fernet tokens and synchronize
Hi Pavlo, I think that there are viable alternatives to your specific use
case having single external idp for federated auth.
Depending on your IT environment architecture and preferences you have the
following possibilities, both of them are providing very smooth user
experience:
- in AD centric e
Hi,
> On 12/07/2017 12:27 PM, Colleen Murphy wrote:
>> On Thu, Dec 7, 2017 at 5:37 PM, Pavlo Shchelokovskyy
>> wrote:
>>> Hi all,
>>>
>>> We have a following use case - several independent keystones (say KeyA and
>>> KeyB), using fernet tokens and synchronized fernet keys, and single external
>>>
On 12/07/2017 12:27 PM, Colleen Murphy wrote:
> On Thu, Dec 7, 2017 at 5:37 PM, Pavlo Shchelokovskyy
> wrote:
>> Hi all,
>>
>> We have a following use case - several independent keystones (say KeyA and
>> KeyB), using fernet tokens and synchronized fernet keys, and single external
>> IdP for fed
On Thu, Dec 7, 2017 at 5:37 PM, Pavlo Shchelokovskyy
wrote:
> Hi all,
>
> We have a following use case - several independent keystones (say KeyA and
> KeyB), using fernet tokens and synchronized fernet keys, and single external
> IdP for federated auth.
>
> Is it generally possible to configure bo
Hi, Pavlo.
Looks like it's not just project/domain UUID should be equal, but also
audit_id, endpoints_id, protocol_id, roles_id and many other entities.
So, looks like it is not possible to implement this using current code
base, but I could be wrong.
You can take a look at mapped auth plugin [1]
Hi all,
We have a following use case - several independent keystones (say KeyA and
KeyB), using fernet tokens and synchronized fernet keys, and single
external IdP for federated auth.
Is it generally possible to configure both KeyA and KeyB such that scoped
token issued by KeyA for a federated us