Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-16467

General issues on Step 5 configuration in the Deploying RHOSO with a federated IDP chapter

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Normal Normal
    • None
    • rhos-18.0 FR 2 (Mar 2025)
    • documentation
    • None
    • 5
    • False
    • Hide

      None

      Show
      None
    • False
    • ?
    • None
    • Moderate

      In the Configuring federated authentication in RHOSO guide, chapter 6.1. Deploying RHOSO with a federated IDP:

      https://docs.redhat.com/en/documentation/red_hat_openstack_services_on_openshift/18.0/html/configuring_security_services/assembly_rhoso-federation#proc_deploying-rhoso-with-a-federated-idp_rhoso-federation

      Issues identified:

      • Bad indentation in code the Step 5
      • OIDCProviderMetadataURL is duplicated. Configuration is duplicated on sub-step 3 and 8 
      • OIDCCryptoPassphrase isn't clear if it should be generated by the user.
      • Missing replacing my_federation_provider_name in the following section of the code keystone-httpd-override.yml:
        •  
      <LocationMatch "/v3/auth/OS-FEDERATION/identity_providers/my_federation_provider_name/protocols/openid/websso">
AuthType "openid-connect"
Require valid-user
</LocationMatch>
<Location ~ "/v3/OS-FEDERATION/identity_providers/my_federation_provider_name/protocols/openid/auth">
AuthType oauth20
Require valid-user
</Location>
<LocationMatch "/v3/auth/OS-FEDERATION/websso/openid">
AuthType "openid-connect"
Require valid-user
</LocationMatch>

       

       

       

              rheslop@redhat.com Roger Heslop
              pnavarro@redhat.com Pedro Navarro Perez
              rhos-dfg-upgrades
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: